
java saml_Java使用OpenSAML创建一个SAML Assertion(二)

端木震博
2023-12-01

参考资料: OpenSAML官方

需要Jar包:xalan.jar (2.7.1), xercesImpl.jar, xml-apis.jar,opensaml-1.1.jar, xmlsec-20050514.jar,log4j-1.2.5.jar, commons-logging-1.03.jar, commons-codec-1.3.jar

代码案例:

import org.opensaml.DefaultBootstrap;

import org.opensaml.Configuration;

import org.opensaml.saml1.core.Assertion;

import org.opensaml.saml1.core.Attribute;

import org.opensaml.saml1.core.AttributeValue;

import org.opensaml.saml1.core.NameIdentifier;

import org.opensaml.saml1.core.Subject;

import org.opensaml.saml1.core.SubjectConfirmation;

import org.opensaml.saml1.core.SubjectStatement;

import org.opensaml.saml1.core.AuthenticationStatement;

import org.opensaml.saml1.core.AttributeStatement;

import org.opensaml.saml1.core.ConfirmationMethod;

import org.opensaml.saml1.core.Conditions;

import org.opensaml.saml1.core.DoNotCacheCondition;

import org.opensaml.saml1.core.impl.AssertionBuilder;

import org.opensaml.saml1.core.impl.AssertionImpl;

import org.opensaml.saml1.core.impl.AssertionMarshaller;

import org.opensaml.saml1.core.impl.SubjectImpl;

import org.opensaml.common.SAMLVersion;

import org.opensaml.common.SAMLObjectBuilder;

import org.opensaml.common.xml.SAMLConstants;

import org.opensaml.xml.XMLObjectBuilder;

import org.opensaml.xml.XMLObjectBuilderFactory;

import org.opensaml.xml.util.XMLHelper;

import org.opensaml.xml.util.XMLHelper;

import org.opensaml.xml.schema.XSString;

import org.w3c.dom.Element;

import org.joda.time.DateTime;

import java.util.Date;

import java.util.HashSet;

import java.util.List;

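/**
 * Builds a sample SAML 1.x assertion with the OpenSAML 2.x object model and prints it
 * to standard output.
 *
 * <p>The assertion carries one authentication statement, one attribute statement (a single
 * group attribute) and a conditions element with a do-not-cache condition and a short
 * validity window.
 *
 * <p>Points to check before reusing this sample outside a demo:
 * <ul>
 *   <li>The assertion is marshalled <b>unsigned</b>. The {@code sender-vouches} confirmation
 *       method means the relying party trusts the subject only because the sender vouches
 *       for it, so the sender is expected to protect the assertion and message integrity
 *       (typically with an XML signature). A relying party should not accept this output
 *       as-is.</li>
 *   <li>No audience restriction is added, so nothing in the assertion limits which
 *       relying party it is meant for.</li>
 *   <li>NOTE(review): no assertion ID is set explicitly here; the SAML 1.x schema requires
 *       one. Confirm whether the builder supplies it, otherwise set a random, unique ID.</li>
 *   <li>Issuer, subject, group and authentication-method values are hard-coded sample
 *       values.</li>
 * </ul>
 */
public class AMUserAssertion {

    private static final String strIssuer = "Example:FrontEnd";

    private static final String strNameID = "testUserID";

    private static final String strNameQualifier = "Example:FrontEnd";

    private static final String strNamespace = "urn:bea:security:saml:groups";

    private static final String strAttrName = "Groups";

    private static final String strAuthMethod = "SunAccessManager";

    /** Confirmation method URI placed on every subject built by this sample. */
    private static final String CONFIRMATION_METHOD = "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches";

    /**
     * Lifetime of the assertion in minutes. Sample value: keep it as short as the
     * deployment's clock skew allows, because a captured assertion can be replayed for as
     * long as it remains valid.
     */
    private static final int VALIDITY_MINUTES = 5;

    /**
     * Builds the sample assertion and prints the pretty-printed XML.
     *
     * @param args ignored
     */
    @SuppressWarnings("unchecked") // the builder factory is not generic; each cast matches the element requested
    public static void main(String[] args) {
        try {
            // OpenSAML 2.3
            DefaultBootstrap.bootstrap();
            XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();

            // One timestamp for the whole assertion keeps the instants consistent with each other.
            DateTime now = new DateTime();

            // Create Authentication Statement
            SAMLObjectBuilder<AuthenticationStatement> authStatementBuilder =
                    (SAMLObjectBuilder<AuthenticationStatement>)
                            builderFactory.getBuilder(AuthenticationStatement.DEFAULT_ELEMENT_NAME);
            AuthenticationStatement authnStatement = authStatementBuilder.buildObject();
            authnStatement.setSubject(buildSubject(builderFactory));
            authnStatement.setAuthenticationMethod(strAuthMethod);
            authnStatement.setAuthenticationInstant(now);

            // Create the attribute statement
            SAMLObjectBuilder<Attribute> attrBuilder =
                    (SAMLObjectBuilder<Attribute>) builderFactory.getBuilder(Attribute.DEFAULT_ELEMENT_NAME);
            Attribute attrGroups = attrBuilder.buildObject();
            // A SAML 1.x attribute is identified by name AND namespace; the original sample
            // declared both constants but set only a literal name.
            attrGroups.setAttributeName(strAttrName);
            attrGroups.setAttributeNamespace(strNamespace);

            XMLObjectBuilder<XSString> stringBuilder =
                    (XMLObjectBuilder<XSString>) builderFactory.getBuilder(XSString.TYPE_NAME);
            XSString attrNewValue =
                    stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
            attrNewValue.setValue("AssetManager");
            attrGroups.getAttributeValues().add(attrNewValue);

            SAMLObjectBuilder<AttributeStatement> attrStatementBuilder =
                    (SAMLObjectBuilder<AttributeStatement>)
                            builderFactory.getBuilder(AttributeStatement.DEFAULT_ELEMENT_NAME);
            AttributeStatement attrStatement = attrStatementBuilder.buildObject();
            attrStatement.getAttributes().add(attrGroups);
            // An attribute statement without a subject does not say whom the groups belong to.
            // It gets its own Subject instance because an OpenSAML object can have only one
            // parent, so the instance used by the authentication statement cannot be reused.
            attrStatement.setSubject(buildSubject(builderFactory));

            // Create the do-not-cache condition
            SAMLObjectBuilder<DoNotCacheCondition> doNotCacheConditionBuilder =
                    (SAMLObjectBuilder<DoNotCacheCondition>)
                            builderFactory.getBuilder(DoNotCacheCondition.DEFAULT_ELEMENT_NAME);
            DoNotCacheCondition condition = doNotCacheConditionBuilder.buildObject();

            SAMLObjectBuilder<Conditions> conditionsBuilder =
                    (SAMLObjectBuilder<Conditions>) builderFactory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
            Conditions conditions = conditionsBuilder.buildObject();
            conditions.getConditions().add(condition);
            // Bound the validity period so a copied assertion expires instead of staying
            // usable indefinitely.
            conditions.setNotBefore(now);
            conditions.setNotOnOrAfter(now.plusMinutes(VALIDITY_MINUTES));

            // Create the assertion
            SAMLObjectBuilder<Assertion> assertionBuilder =
                    (SAMLObjectBuilder<Assertion>) builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
            Assertion assertion = assertionBuilder.buildObject();
            assertion.setIssuer(strIssuer);
            assertion.setIssueInstant(now);
            assertion.setVersion(SAMLVersion.VERSION_10);
            assertion.getAuthenticationStatements().add(authnStatement);
            assertion.getAttributeStatements().add(attrStatement);
            assertion.setConditions(conditions);

            // Print the assertion to standard output. Nothing signs it before this point.
            AssertionMarshaller marshaller = new AssertionMarshaller();
            Element element = marshaller.marshall(assertion);
            // NOTE(review): the doubled backslash prints a literal backslash-n rather than a
            // blank line; kept as in the original listing.
            System.out.println("AMUserAssertion (SAML 1):\\n");
            System.out.println(XMLHelper.prettyPrintXML(element));
        } catch (Exception e) {
            // Demo entry point: bootstrap or marshalling failures are only reported.
            e.printStackTrace();
        }
    }

    /**
     * Builds a fresh subject holding the sample name identifier and a sender-vouches
     * subject confirmation.
     *
     * @param builderFactory the bootstrapped OpenSAML builder factory
     * @return a new, parentless {@code Subject}; call once per statement that needs one
     */
    @SuppressWarnings("unchecked") // the builder factory is not generic; each cast matches the element requested
    private static Subject buildSubject(XMLObjectBuilderFactory builderFactory) {
        // Create the NameIdentifier
        SAMLObjectBuilder<NameIdentifier> nameIdBuilder =
                (SAMLObjectBuilder<NameIdentifier>) builderFactory.getBuilder(NameIdentifier.DEFAULT_ELEMENT_NAME);
        NameIdentifier nameId = nameIdBuilder.buildObject();
        nameId.setNameIdentifier(strNameID);
        nameId.setNameQualifier(strNameQualifier);
        nameId.setFormat(NameIdentifier.UNSPECIFIED);

        // Create the SubjectConfirmation
        SAMLObjectBuilder<ConfirmationMethod> confirmationMethodBuilder =
                (SAMLObjectBuilder<ConfirmationMethod>)
                        builderFactory.getBuilder(ConfirmationMethod.DEFAULT_ELEMENT_NAME);
        ConfirmationMethod confirmationMethod = confirmationMethodBuilder.buildObject();
        confirmationMethod.setConfirmationMethod(CONFIRMATION_METHOD);

        SAMLObjectBuilder<SubjectConfirmation> subjectConfirmationBuilder =
                (SAMLObjectBuilder<SubjectConfirmation>)
                        builderFactory.getBuilder(SubjectConfirmation.DEFAULT_ELEMENT_NAME);
        SubjectConfirmation subjectConfirmation = subjectConfirmationBuilder.buildObject();
        subjectConfirmation.getConfirmationMethods().add(confirmationMethod);

        // Create the Subject
        SAMLObjectBuilder<Subject> subjectBuilder =
                (SAMLObjectBuilder<Subject>) builderFactory.getBuilder(Subject.DEFAULT_ELEMENT_NAME);
        Subject subject = subjectBuilder.buildObject();
        subject.setNameIdentifier(nameId);
        subject.setSubjectConfirmation(subjectConfirmation);
        return subject;
    }
}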

输出内容(XML 元素标签在页面转换时丢失,仅剩文本内容):

<?xml  version="1.0" encoding="UTF-8"?>

testUserID</saml1:NameIdentifier>

urn:oasis:names:tc:SAML:1.0:cm:sender-vouches

AssetManager
