Mercurial > dive4elements > river

comparison gwt-client/src/main/java/org/dive4elements/river/client/server/auth/saml/TicketValidator.java @ 8203:238fc722f87a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sed 's/logger/log/g' src/**/*.java
author Sascha L. Teichmann <teichmann@intevation.de>
date Fri, 05 Sep 2014 13:19:22 +0200
parents 7b0db743f074
children 2c8259176c46
comparison
equal deleted inserted replaced
8202:e4606eae8ea5 8203:238fc722f87a
36 * Validator for SAML tickets. 36 * Validator for SAML tickets.
37 */ 37 */
38 public class TicketValidator { 38 public class TicketValidator {
39 39
40 /** 40 /**
41 * The logger used by the TicketValidator instances. 41 * The log used by the TicketValidator instances.
42 */ 42 */
43 private static Logger logger = Logger.getLogger(TicketValidator.class); 43 private static Logger log = Logger.getLogger(TicketValidator.class);
44 44
45 /** 45 /**
46 * The trusted Key for signature checks. 46 * The trusted Key for signature checks.
47 */ 47 */
48 private Key trustedKey; 48 private Key trustedKey;
94 context.setProperty("javax.xml.crypto.dsig.cacheReference", true); 94 context.setProperty("javax.xml.crypto.dsig.cacheReference", true);
95 95
96 XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM"); 96 XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");
97 XMLSignature signature = factory.unmarshalXMLSignature(context); 97 XMLSignature signature = factory.unmarshalXMLSignature(context);
98 if (!signature.validate(context)) { 98 if (!signature.validate(context)) {
99 logger.error("Signature of SAML ticket could not be validated."); 99 log.error("Signature of SAML ticket could not be validated.");
100 return null; 100 return null;
101 } 101 }
102 102
103 Element assertionElement = extractAssertion(signature, context); 103 Element assertionElement = extractAssertion(signature, context);
104 if (assertionElement == null) { 104 if (assertionElement == null) {
105 logger.error("Could not extract assertion from signed content."); 105 log.error("Could not extract assertion from signed content.");
106 return null; 106 return null;
107 } 107 }
108 108
109 Assertion assertion = new Assertion(assertionElement); 109 Assertion assertion = new Assertion(assertionElement);
110 if (!assertion.isValidNow()) { 110 if (!assertion.isValidNow()) {
111 logger.error("Ticket is not valid now" 111 log.error("Ticket is not valid now"
112 + " (NotBefore: " + assertion.getFrom() 112 + " (NotBefore: " + assertion.getFrom()
113 + ", NotOnOrAfter: " + assertion.getUntil()); 113 + ", NotOnOrAfter: " + assertion.getUntil());
114 return null; 114 return null;
115 } 115 }
116 116
http://dive4elements.wald.intevation.org