Version 6

    Please note the new name for the project is "PicketLink"

     

     

    In this article, we will look at code samples for performing various tasks with JBoss Identity.  In an ideal setup, you will probably just be configuring your identity providers and/or service providers. But sometimes developers need to perform advanced operations that the configuration does not provide, or there are advanced use cases that need to be met.  In these cases, the API provided by JBoss Identity will be useful.


    SAML v2.0


    How do I create a SAML2 AuthnRequest?

    import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
    
    SAML2Request saml2Request = new SAML2Request();
    AuthnRequestType authnRequest = saml2Request.createAuthnRequestType(id, 
             assertionConsumerURL, 
             destination, 
             issuerValue);
    

     

    How do I create a NameIDType?

    import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
    import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
    
    NameIDType nameID = SAMLAssertionFactory.createNameID(format, qualifier, value);
    

     

    How do I create a SAML2 Assertion?

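    import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
    import org.jboss.identity.federation.core.saml.v2.factories.SAMLAssertionFactory;
    import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
    
    // Create the NameID as shown in the NameIDType sample above
    NameIDType nameID = SAMLAssertionFactory.createNameID(format, qualifier, value);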
    
    SAML2Response saml2Response = new SAML2Response();
    AssertionType assertion = saml2Response.createAssertion(id, nameID);
    

     

    How do I get the IssueInstant?

    import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil;
    import javax.xml.datatype.XMLGregorianCalendar;
    
    XMLGregorianCalendar issueInstant = XMLTimeUtil.getIssueInstant();
    


    How do I create an AuthnStatement?

    SAML2Response response = new SAML2Response();
    String authnContextDeclRef = JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get();
    AuthnStatementType authnStatement = response.createAuthnStatement(authnContextDeclRef,
             XMLTimeUtil.getIssueInstant());
    

     

    How do I create an Authorization Decision Statement?

    SAML2Response response = new SAML2Response();
    // resource: String, decision: DecisionType, evidence: EvidenceType, actions: ActionType[]
    AuthzDecisionStatementType authzStatement = response.createAuthzDecisionStatementType(resource,
             decision,
             evidence,
             actions);
    

     

    SAML2-XACML2

     

    Remember to check this article also:  SAMLv2andXACMLv2Integration


    How do I create an XACMLAuthorizationDecisionStatementType?

    import org.jboss.identity.federation.core.factories.XACMLContextFactory;
    import org.jboss.security.xacml.core.model.context.RequestType;
    import org.jboss.security.xacml.core.model.context.ResponseType;
    
    // Obtain the RequestType and ResponseType from JBossXACML before this call
    RequestType request;
    ResponseType response;
    
    XACMLAuthzDecisionStatementType xacmlStatement =
         XACMLContextFactory.createXACMLAuthzDecisionStatementType(request,response);
    


    How do I parse an XACMLAuthzDecisionQueryType from a stream?

    import org.jboss.identity.federation.core.saml.v2.util.SOAPSAMLXACMLUtil;
    import org.jboss.identity.federation.saml.v2.profiles.xacml.protocol.XACMLAuthzDecisionQueryType;
    import org.jboss.identity.federation.core.util.JAXBUtil;
    import javax.xml.bind.JAXBElement;
    import javax.xml.bind.Unmarshaller;
    
    Unmarshaller un = JAXBUtil.getUnmarshaller(SOAPSAMLXACMLUtil.getPackage());
    
    Object unmarshalledObject = un.unmarshal(YOUR_INPUT_STREAM);
    JAXBElement<?> jaxbElement = (JAXBElement<?>) unmarshalledObject;
    Object element = jaxbElement.getValue();
    XACMLAuthzDecisionQueryType xacmlRequest = (XACMLAuthzDecisionQueryType) element;
    

     

    XML Signature


    How do I sign the root of a document?

    import org.jboss.identity.federation.api.util.XMLSignatureUtil;
    import org.w3c.dom.Document;
    import java.security.KeyPair;
    
    // doc: Document, keyPair: KeyPair; digestMethod, signatureMethod and referenceURI: String
    Document signedDoc = XMLSignatureUtil.sign(doc,
             keyPair,
             digestMethod,
             signatureMethod,
             referenceURI);
    

     

     

    How do I sign a particular node in a document?

    // doc: Document, nodeToBeSigned: Node, keyPair: KeyPair;
    // digestMethod, signatureMethod and referenceURI: String
    Document signedDoc =
           XMLSignatureUtil.sign(doc,
             nodeToBeSigned,
             keyPair,
             digestMethod,
             signatureMethod,
             referenceURI);
    

     

     

    How do I validate a signed document?

    import org.jboss.identity.federation.api.util.XMLSignatureUtil;
    import java.security.Key;
    import java.security.PublicKey;
    
    import org.w3c.dom.Document;
    
    // signedDoc: the signed Document; publicKey: the signer's public key (passed as a Key),
    // obtained from trusted configuration rather than from the message being validated
    boolean isValid = XMLSignatureUtil.validate(signedDoc, publicKey);