saml/assertion/AuthenticationStatement.java

a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * opensso/legal/CDDLv1.0.txt
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * at opensso/legal/CDDLv1.0.txt.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: AuthenticationStatement.java,v 1.3 2008/06/25 05:47:31 qcheng Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
f2cdb1a48e8538ce4f025b3d9204b2003da31065Peter Major/**
f2cdb1a48e8538ce4f025b3d9204b2003da31065Peter Major * Portions Copyrighted 2014 ForgeRock AS
f2cdb1a48e8538ce4f025b3d9204b2003da31065Peter Major */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpackage com.sun.identity.saml.assertion;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.text.*;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport java.util.*;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport org.w3c.dom.*;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.shared.DateUtils;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLUtilsCommon;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLRequesterException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster/**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The <code>AuthenticationStatement</code> element supplies a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * statement by the issuer that its subject was authenticated by a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * particular means at a particular time. The
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AuthenticationStatement</code> element is of type
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>AuthenticationStatementType</code>, which extends the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SubjectStatementAbstractType</code> with the additional element and
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * attributes.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.all.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterpublic class AuthenticationStatement extends SubjectStatement {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    //The AuthenticationMethod attribute specifies the type of Authentication
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    //that took place.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    protected String  _authenticationMethod = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    //The AuthenticationInstant attribute specifies the time at which the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    //authentication took place.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    protected Date  _authenticationInstant = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    //The SubjectLocality specifies the DNS domain name and IP address
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    //for the system entity from which the Subject was apparently authenticated.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    protected SubjectLocality  _subjectLocality = null ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    //The authority binding specifies the type of authority that performed
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    //the authentication.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    protected List  _authorityBinding = null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *Default constructor
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    protected AuthenticationStatement() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Constructs an authentication statement element from an
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * existing XML block.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param element representing a DOM tree element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @exception SAMLException if there is an error in the sender or in the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *            element definition.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public AuthenticationStatement(Element element) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        // make sure input is not null
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (element == null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            SAMLUtilsCommon.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                "AuthenticationStatement: null input.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.bundle.getString("nullInput"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        // check if it's an AuthenticationStatement
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        boolean valid = SAMLUtilsCommon.checkStatement(element,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            "AuthenticationStatement");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (!valid) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            SAMLUtilsCommon.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                "AuthenticationStatement: Wrong input.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.bundle.getString("wrongInput"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        int i = 0;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        //handle the attributes of AuthenticationStatement
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        NamedNodeMap atts = ((Node)element).getAttributes();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        int attCount = atts.getLength();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        for (i = 0; i < attCount; i++) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            Node att = atts.item(i);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (att.getNodeType() == Node.ATTRIBUTE_NODE) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                String attName = att.getLocalName();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                if (attName == null || attName.length() == 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        SAMLUtilsCommon.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            "AuthenticationStatement:" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            "Attribute name is either null or empty.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    continue;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    //throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                      //  SAMLUtilsCommon.bundle.getString("nullInput"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                if (attName.equals("AuthenticationMethod")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    _authenticationMethod = ((Attr)att).getValue().trim();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                } else if (attName.equals("AuthenticationInstant")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    try {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        _authenticationInstant =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            DateUtils.stringToDate(((Attr)att).getValue());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    } catch (ParseException pe ) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        SAMLUtilsCommon.debug.error(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            "AuthenticationStatement:StringToDate", pe);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            SAMLUtilsCommon.bundle.getString(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            "wrongDateFormat"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    } // end of try...catch
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        } // end of for loop
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        //Handle the children elements of AuthenticationStatement
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        NodeList nodes = element.getChildNodes();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        int nodeCount = nodes.getLength();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (nodeCount > 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            for (i = 0; i < nodeCount; i++) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                Node currentNode = nodes.item(i);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                if (currentNode.getNodeType() == Node.ELEMENT_NODE) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    String tagName = currentNode.getLocalName();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    String tagNS = currentNode.getNamespaceURI();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    if ((tagName == null) || tagName.length() == 0 ||
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        tagNS == null || tagNS.length() == 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            SAMLUtilsCommon.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                "AuthenticationStatement: The" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                " tag name or tag namespace of child" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                " element is either null or empty.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            SAMLUtilsCommon.bundle.getString("nullInput"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    if (tagName.equals("Subject") &&
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        tagNS.equals(SAMLConstants.assertionSAMLNameSpaceURI)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        if (this._subject != null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                SAMLUtilsCommon.debug.message("Authentication" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                   "Statement:should only contain one subject");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                SAMLUtilsCommon.bundle.getString("oneElement"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        } else {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            this._subject =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                createSubject((Element)currentNode);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    } else if (tagName.equals("SubjectLocality") &&
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        tagNS.equals(SAMLConstants.assertionSAMLNameSpaceURI)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        if (_subjectLocality != null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                            if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                SAMLUtilsCommon.debug.message("Authentication"+
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                            "Statement: should at most " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                            "contain one SubjectLocality.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                 SAMLUtilsCommon.bundle.getString(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                     "oneElement"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        } else {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             _subjectLocality =
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                    createSubjectLocality((Element)currentNode);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    } else if (tagName.equals("AuthorityBinding") &&
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        tagNS.equals(SAMLConstants.assertionSAMLNameSpaceURI)) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                         if (_authorityBinding == null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             _authorityBinding = new ArrayList();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                         }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                         if ((_authorityBinding.add(createAuthorityBinding(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             (Element)currentNode))) == false) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                 SAMLUtilsCommon.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                     "Authentication Statment: failed to" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                     " add to the AuthorityBinding list.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                 SAMLUtilsCommon.bundle.getString(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                     "addListError"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                         }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    } else {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                         if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             SAMLUtilsCommon.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                 "AuthenticationStatement:"+
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                 "Wrong element " + tagName + "included.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                         }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                         throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                             SAMLUtilsCommon.bundle.getString("wrongInput"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                } // end of if (currentNode.getNodeType() == Node.ELEMENT_NODE)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            } // end of for loop
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }  // end of if (nodeCount > 0)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        // check if the subject is null
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (this._subject == null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    "AuthenticationStatement should " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    "contain one subject.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        SAMLUtilsCommon.bundle.getString("missingElement"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Constructs <code>Authentication statement</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param authMethod (optional) A String specifies the type of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        authentication that took place.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param authInstant (optional) A String specifies the time at which
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        the authentication took place.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param subject (required) A Subject object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @exception SAMLException if there is an error in the sender.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public AuthenticationStatement(String authMethod, Date authInstant,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        Subject subject) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        _authenticationMethod = authMethod;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        _authenticationInstant = authInstant;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        // check if the subject is null
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (subject == null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    "AuthenticationStatement:missing the subject.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.bundle.getString("missingElement"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        } else
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            this._subject = subject;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Constructs <code>AuthenticationStatement</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param authMethod (optional) A String specifies the type of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        authentication that took place.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param authInstant (optional) A String specifies the time at which the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        authentication that took place.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param subject (required) A Subject object
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param subjectLocality (optional) A <code>SubjectLocality</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param authorityBinding (optional) A List of
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        <code>AuthorityBinding</code> objects.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @exception SAMLException if there is an error in the sender.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public AuthenticationStatement(String authMethod, Date authInstant,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        Subject subject, SubjectLocality subjectLocality,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        List authorityBinding) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        _authenticationMethod = authMethod;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        _authenticationInstant = authInstant;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        // check if the subject is null
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (subject == null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.debug.message(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    "AuthenticationStatement: should" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    " contain one subject.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            throw new SAMLRequesterException(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.bundle.getString("oneElement"));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        } else {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            this._subject = subject;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        _subjectLocality = subjectLocality;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (authorityBinding != null && !authorityBinding.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (_authorityBinding == null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                _authorityBinding = new ArrayList();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            _authorityBinding = authorityBinding;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Returns the <code>SubjectLocality</code> from
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * <code>AuthenticationStatement</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return The <code>SubjectLocality</code> object within the authentication
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *         statement.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public SubjectLocality getSubjectLocality() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return _subjectLocality ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Sets the <code>SubjectLocality</code> for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * <code>AuthenticationStatement</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param subjectlocality The <code>SubjectLocality</code> object within
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        the <code>AuthenticationStatement</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return true if the operation is successful.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public boolean setSubjectLocality(SubjectLocality subjectlocality) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (subjectlocality == null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.debug.message("AuthenticationStatement: " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                        "setSubjectLocality:Input is null.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        _subjectLocality = subjectlocality ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Returns <code>AuthenticationMethod</code> from authentication statement
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return A String representing the authentication method of the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *         authentication statement.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public String getAuthenticaionMethod() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return _authenticationMethod;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Sets <code>AuthenticationMethod</code> for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * <code>AuthenticationStatement</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param authenticationmethod input authentication method
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return true if the operation is successful. Otherwise return false.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public boolean setAuthenticaionMethod(String authenticationmethod) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (authenticationmethod == null ||
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            authenticationmethod.length() == 0) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.debug.message("AuthenticationStatement: " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                      "setAuthenticationMethod:Input is null.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        _authenticationMethod = authenticationmethod;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Returns <code>AuthenticationInstant</code> from authentication statement.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return The date/time when the authentication statement is created.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public Date getAuthenticationInstant() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return _authenticationInstant;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Sets <code>AuthenticationInstant</code> for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * <code>AuthenticationStatement</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param authenticationinstant The date/time when the authentication
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        statement is created.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return true if the operation is successful.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public boolean setAuthenticationInstant(Date authenticationinstant) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (authenticationinstant == null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.debug.message("AuthenticationStatement: " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                     "setAuthenticationInstant:Input is null.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        _authenticationInstant = authenticationinstant;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Returns the <code>AuthorityBinding</code> from
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * <code>AuthenticationStatement</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return A list of the <code>AuthorityBinding</code> objects
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public List getAuthorityBinding() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return  _authorityBinding;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Sets the <code>AuthorityBinding</code> for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * <code>AuthenticationStatement</code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param authoritybinding A list of the <code>AuthorityBinding</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        objects.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return true if the operation is successful.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public boolean setAuthorityBinding(List authoritybinding) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (authoritybinding == null || authoritybinding.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            if (SAMLUtilsCommon.debug.messageEnabled()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                SAMLUtilsCommon.debug.message("AuthenticationStatement: " +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                                        "setAuthorityBinding:Input is null.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            return false;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        _authorityBinding = authoritybinding;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return true;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *Gets the real type of the Statement.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *This method returns Statement.AUTHENTICATION_STATEMENT.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *@return an integer which is Statement.AUTHENTICATION_STATEMENT.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public int getStatementType() {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return Statement.AUTHENTICATION_STATEMENT;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Returns a String representation of the Authentication Statement.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return A String representation of the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *         <code>&lt;saml:AuthenticationStatement&gt;</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *         element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public String toString()  {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return (toString(true, false));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    /**
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * Returns a String representation of the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * <code>AuthenticationStatement</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param includeNS Determines whether or not the namespace qualifier is
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        prepended  to the Element when converted
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @param declareNS Determines whether or not the namespace is declared
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *        within the Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     * @return A String representation of the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     *         <code>&lt;saml:AuthenticationStatement&gt;</code> element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster     */
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    public  String  toString(boolean includeNS, boolean declareNS)  {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        StringBuffer result = new StringBuffer(1000);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        String prefix = "";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        String uri = "";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (includeNS) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            prefix = SAMLConstants.ASSERTION_PREFIX;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (declareNS) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            uri = SAMLConstants.assertionDeclareStr;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        result.append("<").append(prefix).append("AuthenticationStatement").
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster               append(uri);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (_authenticationMethod != null &&
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            _authenticationMethod.length() != 0){
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            result.append(" AuthenticationMethod=\"").
f2cdb1a48e8538ce4f025b3d9204b2003da31065Peter Major                   append(_authenticationMethod.replace("|", "%7C")).append("\"");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (_authenticationInstant != null &&
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            _authenticationInstant.toString().length() != 0
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        ) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            result.append(" AuthenticationInstant=\"")
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                .append(DateUtils.toUTCDateFormat(_authenticationInstant))
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                .append("\"");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        result.append(">\n").append(this._subject.toString(includeNS, false));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (_subjectLocality != null) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster            result.append(_subjectLocality.toString(includeNS, false));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        if (_authorityBinding != null && !_authorityBinding.isEmpty()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                Iterator iter = this.getAuthorityBinding().iterator();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                while (iter.hasNext()) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    AuthorityBinding authBinding=
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                        (AuthorityBinding)iter.next();
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                    result.append(authBinding.toString(includeNS, false));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster                }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        result.append("</").append(prefix).append("AuthenticationStatement>\n");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return(result.toString());
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    protected Subject createSubject(Element subjectElement)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return new Subject(subjectElement);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    protected SubjectLocality createSubjectLocality(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        Element subjectLocalityElement)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return new SubjectLocality(subjectLocalityElement);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    protected AuthorityBinding createAuthorityBinding(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        Element authorityBindingElement) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster        return new AuthorityBinding(authorityBindingElement);
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster    }
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster}