a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The contents of this file are subject to the terms
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * of the Common Development and Distribution License
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * (the License). You may not use this file except in
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * compliance with the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * You can obtain a copy of the License at
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * https://opensso.dev.java.net/public/CDDLv1.0.html or
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * See the License for the specific language governing
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * permission and limitations under the License.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * When distributing Covered Code, include this CDDL
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Header Notice in each file and include the License file
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * If applicable, add the following below the CDDL Header,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * with the fields enclosed by brackets [] replaced by
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * your own identifying information:
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * "Portions Copyrighted [year] [name of copyright owner]"
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * $Id: ProxySubject.java,v 1.2 2008/06/25 05:47:20 qcheng Exp $
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.common.SAMLRequesterException;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.assertion.NameIdentifier;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.saml.assertion.SubjectConfirmation;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Fosterimport com.sun.identity.liberty.ws.common.wsse.WSSEConstants;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * The <code>ProxySubject</code> class represents the identity of a proxy,
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * the confirmation key and confirmation obligation the proxy must posess and
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * demonstrate for authentication purpose.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @supported.all.api
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs a <code>ProxySubject</code> object from a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>NameIdentifier</code> object and a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SubjectConfirmation</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param nameIdentifier <code>NameIdentifier</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param subjectConfirmation <code>SubjectConfirmation</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws SAMLException if <code>nameIdentifier</code> and
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SubjectConfirmation</code> are null;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public ProxySubject(NameIdentifier nameIdentifier, SubjectConfirmation
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Checks for equality between this object and the <code>ProxySubject</code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * passed down as parameter.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param subject <code>ProxySubject</code> to be checked
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return true if the two are EXACTLY equal.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs a <code>ProxySubject</code> object from a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>NameIdentifier</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param nameIdentifier <code>NameIdentifier</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws SAMLException if <code>nameIdentifier</code> is null.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public ProxySubject(NameIdentifier nameIdentifier) throws SAMLException {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs a <code>ProxySubject</code> object from a DOM Element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * which has already been built into a DOM.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param subjectElement An Element representing DOM tree for
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>ProxySubject</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws SAMLException if it could not process the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Element properly, implying that there is an error in the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * sender or in the element definition.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public ProxySubject(org.w3c.dom.Element subjectElement)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("ProxySubject: local name missing");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(SAMLUtils.bundle.getString
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster ("nullInput")) ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("ProxySubject: invalid root element");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(SAMLUtils.bundle.getString(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "invalidElement")) ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("Subject: No sub elements found");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(SAMLUtils.bundle.getString(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "emptyElement")) ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // TODO: sequence is not checked as yet
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster if (child.getNodeType() != Node.ELEMENT_NODE) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster setNameIdentifier(new NameIdentifier((Element)child));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster } else if (childName.equals("SubjectConfirmation")) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster setSubjectConfirmation(new SubjectConfirmation((Element)child));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("Subject: Invalid element "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "encountered.");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(SAMLUtils.bundle.getString(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "invalidElement")) ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster SAMLUtils.debug.message("Subject: more than allowed elements "
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster + "passed");
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster throw new SAMLRequesterException(SAMLUtils.bundle.getString(
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster "moreElement")) ;
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Constructs a <code>ProxySubject</code> object from a
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * <code>SubjectConfirmation</code> object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param subjectConfirmation <code>SubjectConfirmation</code> object to be
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * added to the object.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @throws SAMLException if <code>subjectConfirmation</code> is null.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public ProxySubject(SubjectConfirmation subjectConfirmation)
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Creates a String representation of the element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return A string containing the valid XML for this element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * By default name space name is prepended to the element name
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * example <code><saml:Subject></code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster // call toString() with includeNS true by default and declareNS false
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * Creates a String representation of the <code><Subject></code>
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param includeNS if true prepends all elements by their Namespace
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * name example <code><saml:Subject></code>.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @param declareNS if true includes the namespace within the
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * generated XML.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster * @return String containing the valid XML for this element.
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster public java.lang.String toString(boolean includeNS, boolean declareNS) {
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster secNSString = " " + WSSEConstants.TAG_XMLNS + ":" +
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster WSSEConstants.TAG_SEC + "=" + "\"" + secNS + "\"";
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(getNameIdentifier().toString(includeNS, declareNS));
a688bcbb4bcff5398fdd29b86f83450257dc0df4Allan Foster xml.append(getSubjectConfirmation().toString(includeNS, declareNS));