WSFederationMetaSecurityUtils.java revision 905b8e215b24a1b5d547692cef530c0d2ab545c9
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 * Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * See the License for the specific language governing
 * permission and limitations under the License.
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 * $Id: WSFederationMetaSecurityUtils.java,v 1.6 2009/10/28 23:58:59 exu Exp $
 * Portions Copyrighted 2011-2016 ForgeRock AS
db5f94b6009ee3a1a4f62a3bd1583a7b3ee96db8Eugen Kuksaimport org.apache.xml.security.keys.storage.implementations.KeyStoreResolver;
5b21f2a201fd86e1b9c0a760d023cd3d667da842Eugen Kuksaimport org.apache.xml.security.keys.storage.StorageResolver;
12bd03809cbc5823eecc086f5216ec46cb1c35adEugen Kuksaimport org.apache.xml.security.signature.XMLSignature;
1337b287f6abac1bfb527d5e3454e742fa5d630fEugen Kuksaimport com.sun.identity.shared.configuration.SystemPropertiesManager;
b78522b8f7a01953b0eda02cbc89b3984033676bEugen Kuksaimport com.sun.identity.saml2.common.SAML2Constants;
5b21f2a201fd86e1b9c0a760d023cd3d667da842Eugen Kuksaimport com.sun.identity.wsfederation.jaxb.entityconfig.AttributeType;
5b21f2a201fd86e1b9c0a760d023cd3d667da842Eugen Kuksaimport com.sun.identity.wsfederation.jaxb.entityconfig.FederationConfigElement;
5fa563f0173e7791139e4229800fc91652293647Eugen Kuksaimport com.sun.identity.wsfederation.jaxb.entityconfig.IDPSSOConfigElement;
public final class WSFederationMetaSecurityUtils {
// Presumably controls whether certificates are checked; it starts out enabled (true).
// NOTE(review): the code that consults this flag is not visible in this listing - confirm.
private static boolean checkCert = true;
// Guard flag: tested at the top of initializeKeyStore() and, as far as this listing
// shows, set to true once that routine has run.
private static boolean keyProviderInitialized = false;
private WSFederationMetaSecurityUtils() {
// One-time initialization routine guarded by keyProviderInitialized.
// NOTE(review): this listing shows only some of the method's lines; the try body that
// pairs with the catch below and the closing braces are not visible here.
private static void initializeKeyStore() {
// Tests the guard flag first; presumably returns early when already initialized - confirm.
if (keyProviderInitialized) {
} catch (Exception e) {
// Any Exception from the (not shown) try body ends up here and checkCert is set to
// true, the same value the field is declared with, so a failure there does not switch
// the flag off. Nothing visible here logs the exception - confirm against the full file.
checkCert = true;
// NOTE(review): no synchronization is visible around these static flags in this
// listing - confirm whether concurrent first calls are possible.
keyProviderInitialized = true;
return null;
throws WSFederationMetaException
throw new WSFederationMetaException(
throw sme;
throw new WSFederationMetaException(
throws WSFederationMetaException
return null;
* This will update both signing/encryption alias on extended metadata and
* @param isIDP true if this is for IDP signing/encryption alias, false
* if this is for SP signing/encryption alias
throws WSFederationMetaException {
if (isIDP) {
if (o instanceof TokenSigningKeyInfoElement) {
if (o instanceof TokenSigningKeyInfoElement) {
} catch (JAXBException e) {
throw new WSFederationMetaException(e);
throws WSFederationMetaException {
return (TokenSigningKeyInfoElement)
} catch (JAXBException e) {
throw new WSFederationMetaException(e);