Skip Headers
Oracle® Security Developer Tools Reference
10g Release 2 (10.1.2)
B15975-01
  Go To Documentation Library
Home
Go To Product List
Solution Area
Go To Table Of Contents
Contents
Go To Index
Index

Previous
Previous
Next
Next
 

11 Oracle Liberty SDK

The Liberty Alliance is an open organization that was founded with the goal of allowing individuals and businesses to engage in virtually any transaction without compromising the privacy and security of vital identity information. Specifications issued by the Liberty Alliance are based on an open identity federation framework, allowing partner companies to form business relationships based on a cross-organizational, federated network identity model.

This chapter describes the features and benefits of the Oracle Liberty SDK, and explains how to set up your environment and use Oracle Liberty SDK.

This chapter contains these topics:

11.1 Features and Benefits of Oracle Liberty SDK

Oracle Liberty SDK allows Java developers to design and develop single sign-on (SSO) and federated identity management (FIM) solutions. Oracle Liberty SDK aims to unify, simplify, and extend all aspects of development and integration of systems conforming to the Liberty Alliance ID-FF 1.1 and 1.2 specifications.

Oracle Liberty SDK 1.1 and 1.2 enable simplified software development through the use of an intuitive and straightforward Java API. The toolkits provide tools, information, and examples to help you develop solutions that conform to the Liberty Alliance specifications. The toolkits can also be seamlessly integrated into any existing Java solution, including applets, applications, EJBs, servlets, JSPs, and so on.

The Oracle Liberty SDK is a pure java solution which provides the following features:


See Also:

You can find the Liberty Alliance specifications at http://www.projectliberty.org/resources/specifications.php.

11.2 Oracle Liberty 1.1

This section explains how to set up your environment for and use Oracle Liberty 1.1, and describes the classes and interfaces of Oracle Liberty 1.1. It contains the following topics:

11.2.1 Setting Up Your Oracle Liberty 1.1 Environment

The Oracle Security Developer Tools are installed with Oracle Application Server in ORACLE_HOME.

This section explains how to set up your environment for Oracle Liberty 1.1. It contains these topics:

11.2.1.1 System Requirements for Oracle Liberty 1.1

In order to use Oracle Liberty 1.1, your system must have the Java Development Kit (JDK) version 1.2.2 or higher.

11.2.1.2 Setting the CLASSPATH Environment Variable

Your CLASSPATH environment variable must contain the full path and file names to all of the required jar and class files. Make sure the following items are included in your CLASSPATH:

  • osdt_core.jar

  • osdt_cert.jar

  • osdt_xmlsec.jar

  • osdt_saml.jar

  • Thejaxen.jar file (Jaxen XPath engine, included with your Oracle XML Security distribution)

  • the osdt_lib_v11.jar file

11.2.1.2.1 Setting the CLASSPATH on Windows

To set the CLASSPATH on Windows:

  1. In your Windows Control Panel, select System.

  2. In the System Properties dialog, select the Advanced tab.

  3. Click Environment Variables.

  4. In the User Variables section, click New to add a CLASSPATH environment variable for your user profile. If a CLASSPATH environment variable already exists, select it and click Edit.

  5. Add the full path and file names for all of the required jar files to the CLASSPATH.

    For example, your CLASSPATH might look like this:

    %CLASSPATH%;C:\ORACLE_HOME\jlib\osdt_core.jar;
    C:\ORACLE_HOME\jlib\osdt_cert.jar;
    C:\ORACLE_HOME\jlib\osdt_xmlsec.jar;
    C:\ORACLE_HOME\jlib\osdt_saml.jar;
    C:\ORACLE_HOME\jlib\jaxen.jar;
    C:\ORACLE_HOME\jlib\osdt_lib_v11.jar;
    
    
  6. Click OK.

11.2.1.2.2 Setting the CLASSPATH on UNIX

To set your CLASSPATH on UNIX, set your CLASSPATH environment variable to include the full path and file name of all of the required jar and class files. For example:

setenv CLASSPATH $CLASSPATH:$ORACLE_HOME/jlib/osdt_core.jar:\
$ORACLE_HOME/jlib/osdt_cert.jar:\
$ORACLE_HOME/jlib/osdt_xmlsec.jar:\
$ORACLE_HOME/jlib/osdt_saml.jar:\
$ORACLE_HOME/jlib/jaxen.jar:\
$ORACLE_HOME/jlib/osdt_lib_v11.jar

11.2.2 Overview of Oracle Liberty 1.1 Classes and Interfaces

This section introduces some useful classes and interfaces of Oracle Liberty SDK v. 1.1. It contains these topics:

11.2.2.1 Core Classes and Interfaces

This section describes core classes and interfaces of the Oracle Liberty SDK v. 1.1.

The core classes are:

11.2.2.1.1 The oracle.security.xmlsec.liberty.v11.AuthnRequest Class

This class represents the AuthnRequest element of the Liberty protocol schema.

Example 11-1 shows how to create a new AuthnRequest element and append it to a document.

Example 11-1 Creating an AuthnRequest Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
AuthnRequest authnRequest = new AuthnRequest(doc);
doc.getDocumentElement().appendChild(authnRequest);

Example 11-2 shows how to obtain AuthnRequest elements from an XML document.

Example 11-2 Obtaining AuthnRequest Elements from a Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all AuthnRequest elements in the document.
NodeList arList = 
    doc.getElementsByTagNameNS(LibertyURI.ns_liberty, "AuthnRequest"); 
if (arList.getLength() == 0)
    System.err.println("No AuthnRequest elements found.");
 
// Convert each org.w3c.dom.Node object to an
// oracle.security.xmlsec.liberty.v11.AuthnRequest object and process
for (int s = 0, n = arList.getLength(); s < n; ++s)
{
    AuthnRequest authnRequest = 
        new AuthnRequest((Element)arList.item(s)); 

    // Process AuthnRequest element
    ...
}

11.2.2.1.2 The oracle.security.xmlsec.liberty.v11.AuthnResponse Class

This class represents the AuthnResponse element of the Liberty protocol schema.

Example 11-3 shows how to create a new AuthnResponse element and append it to a document.

Example 11-3 Creating an AuthnResponse Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
AuthnResponse authnResponse = new AuthnResponse(doc);
doc.getDocumentElement().appendChild(authnResponse);

Example 11-4 shows how to obtain AuthnResponse elements from an XML document.

Example 11-4 Obtaining AuthnResponse elements from a Document

Document doc = Instance of org.w3c.dom.Document;

// Get list of all AuthnResponse elements in the document.
NodeList arList = 
    doc.getElementsByTagNameNS(LibertyURI.ns_liberty, "AuthnResponse");
if (arList.getLength() == 0)
    System.err.println("No AuthnResponse elements found.");
 
// Convert each org.w3c.dom.Node object to an
// oracle.security.xmlsec.liberty.v11.AuthnResponse object and process
for (int s = 0, n = arList.getLength(); s < n; ++s)
{
    AuthnResponse authnResponse = 
        new AuthnResponse((Element)arList.item(s)); 
    // Process AuthnResponse element
    ...
}
11.2.2.1.3 The oracle.security.xmlsec.liberty.v11.FederationTerminationNotification Class

This class represents the FederationTerminationNotification element of the Liberty protocol schema.

Example 11-5 shows how to create a new federation termination notification element and append it to a document.

Example 11-5 Creating a FederationTerminationNotification Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
FederationTerminationNotification ftn = 
    new FederationTerminationNotification(doc);
doc.getDocumentElement().appendChild(ftn);

Example 11-6 shows how to obtain federation termination notification elements from an XML document.

Example 11-6 Obtaining FederationTerminationNotification Elements from a Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all FederationTerminationNotification elements in the document
	 NodeList ftnList = doc.getElementsByTagNameNS(LibertyURI.ns_liberty, 
    "FederationTerminationNotification");
if (ftnList.getLength() == 0)
    System.err.println("No FederationTerminationNotification elements found.");
 
// Convert each org.w3c.dom.Node object to an 
// oracle.security.xmlsec.liberty.v11.FederationTerminationNotification 
// object and process
for (int s = 0, n = ftnList.getLength(); s < n; ++s)
{
    FederationTerminationNotification ftn =
         new FederationTerminationNotification((Element)ftnList.item(s));

    // Process FederationTerminationNotification element
    ...
}

11.2.2.1.4 The oracle.security.xmlsec.liberty.v11.LogoutRequest Class

This class represents the LogoutRequest element of the Liberty protocol schema.

Example 11-7 shows how to create a new LogoutRequest element and append it to a document.

Example 11-7 Creating a LogoutRequest Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
LogoutRequest lr = new LogoutRequest(doc);
doc.getDocumentElement().appendChild(lr);

Example 11-8 shows how to obtain LogoutRequest elements from an XML document.

Example 11-8 Obtaining LogoutRequest Elements from an XML Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all LogoutRequest elements in the document.
NodeList lrList = doc.getElementsByTagNameNS(LibertyURI.ns_liberty, 
    "LogoutRequest");
if (lrList.getLength() == 0)
    System.err.println("No LogoutRequest elements found.");
 
// Convert each org.w3c.dom.Node object to an 
// oracle.security.xmlsec.liberty.v11.LogoutRequest
// object and process
for (int s = 0, n = lrList.getLength(); s < n; ++s)
{
    LogoutRequest lr = new LogoutRequest((Element)lrList.item(s));

    // Process LogoutRequest element
    ...
}

11.2.2.1.5 The oracle.security.xmlsec.liberty.v11.LogoutResponse Class

This class represents the LogoutResponse element of the Liberty protocol schema.

Example 11-9 shows how to create a new LogoutResponse element and append it to a document.

Example 11-9 Creating a LogoutResponse Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
LogoutResponse lr = new LogoutResponse(doc);
doc.getDocumentElement().appendChild(lr);

Example 11-10 shows how to obtain LogoutResponse elements from an XML document.

Example 11-10 Obtaining LogoutResponse elements from a Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all LogoutResponse elements in the document.
NodeList lrList = 
    doc.getElementsByTagNameNS(LibertyURI.ns_liberty, "LogoutResponse");
if (lrList.getLength() == 0)
    System.err.println("No LogoutResponse elements found.");
 
// Convert each org.w3c.dom.Node object to an 
// oracle.security.xmlsec.liberty.v11.LogoutResponse
// object and process
for (int s = 0, n = lrList.getLength(); s < n; ++s)
{
    LogoutResponse lr = new LogoutResponse((Element)lrList.item(s));
			
    // Process LogoutResponse element
    ...
}

11.2.2.1.6 The oracle.security.xmlsec.liberty.v11.RegisterNameIdentifierRequest Class

This class represents the RegisterNameIdentifierRequest element of the Liberty protocol schema.

Example 11-11 shows how to create a new RegisterNameIdentifierRequest element and append it to a document.

Example 11-11 Creating a RegisterNameIdentifierRequest Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
RegisterNameIdentifierRequest rnir = 
    new RegisterNameIdentifierRequest(doc);
doc.getDocumentElement().appendChild(rnir);

Example 11-12 shows how to obtain RegisterNameIdentifierRequest elements from an XML document.

Example 11-12 Obtaining RegisterNameIdentifierRequest Elements from an XML Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all RegisterNameIdentifierRequest elements in the document
NodeList rnirList = doc.getElementsByTagNameNS(LibertyURI.ns_liberty, 
    "RegisterNameIdentifierRequest");
if (rnirList.getLength() == 0)
    System.err.println("No RegisterNameIdentifierRequest elements found.");
 
// Convert each org.w3c.dom.Node object to an 
//oracle.security.xmlsec.liberty.v11.RegisterNameIdentifierRequest
// object and process
for (int s = 0, n = rnirList.getLength(); s < n; ++s)
{
    RegisterNameIdentifierRequest rnir = new 
        RegisterNameIdentifierRequest((Element)rnirList.item(s));
			
    // Process RegisterNameIdentifierRequest element
    ...
}

11.2.2.1.7 The oracle.security.xmlsec.liberty.v11.RegisterNameIdentifierResponse Class

This class represents the RegisterNameIdentifierResponse element of the Liberty protocol schema.

Example 11-13 shows how to create a new RegisterNameIdentifierResponse element and append it to a document.

Example 11-13 Creating a RegisterNameIdentifierResponse Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
RegisterNameIdentifierResponse rnir = new RegisterNameIdentifierResponse(doc);
doc.getDocumentElement().appendChild(rnir);

Example 11-14 shows how to obtain RegisterNameIdentifierResponse elements from an XML document.

Example 11-14 Obtaining RegisterNameIdentifierResponse Elements from an XML Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all RegisterNameIdentifierResponse elements in the document
NodeList rnirList = doc.getElementsByTagNameNS(LibertyURI.ns_liberty, 
    "RegisterNameIdentifierResponse");
if (rnirList.getLength() == 0)
    System.err.println("No RegisterNameIdentifierResponse elements found.");
 
// Convert each org.w3c.dom.Node object to an 
// oracle.security.xmlsec.liberty.v11.RegisterNameIdentifierResponse
// object and process
for (int s = 0, n = rnirList.getLength(); s < n; ++s)
{
    RegisterNameIdentifierResponse rnir = new 
        RegisterNameIdentifierResponse((Element)rnirList.item(s));

    // Process RegisterNameIdentifierResponse element
    ...
}

11.2.2.2 Supporting Classes and Interfaces

This section describes supporting classes and interfaces of Oracle Liberty SDK v. 1.1:

  • The oracle.security.xmlsec.liberty.v11.LibertyInitializer class

  • The oracle.security.xmlsec.liberty.v11.LibertyURI interface

  • The oracle.security.xmlsec.liberty.v11.ac.AuthenticationContextURI interface

  • The oracle.security.xmlsec.util.ac.AuthenticationContextStatement class

  • The oracle.security.xmlsec.saml.SAMLURI interface

  • The oracle.security.xmlsec.saml.SAMLMessage class

11.2.2.2.1 The oracle.security.xmlsec.liberty.v11.LibertyInitializer class

The oracle.security.xmlsec.liberty.v11.LibertyInitializer class handles load-time initialization and configuration of the Oracle Liberty SDK library. You must call this class's static initialize() method before making any calls to the Oracle Liberty SDK API.

11.2.2.2.2 The oracle.security.xmlsec.liberty.v11.LibertyURI interface

The oracle.security.xmlsec.liberty.v11.LibertyURI interface defines URI string constants for algorithms, namespaces and objects. The following naming convention is used:

  • Algorithm URIs begin with "alg_".

  • Namespace URIs begin with "ns_".

  • Object type URIs begin with "obj_".

  • Liberty profile namespace URIs begin with "prof_".

11.2.2.2.3 The oracle.security.xmlsec.liberty.v11.ac.AuthenticationContextURI interface

The oracle.security.xmlsec.liberty.v11.ac.AuthenticationContextURI interface defines URI string constants for algorithms, namespaces and objects. The following naming convention is used:

  • Algorithm URIs begin with "alg_".

  • Namespace URIs begin with "ns_".

  • Object type URIs begin with "obj_".

11.2.2.2.4 The oracle.security.xmlsec.util.ac.AuthenticationContextStatement class

The oracle.security.xmlsec.util.ac.AuthenticationContextStatement class is an abstract class representing the top-level AuthenticationContextStatement element of the Liberty authentication context schema. Each concrete implementation of this class represents a respective class defined in the Liberty Authentication Context Specification.

11.2.2.2.5 The oracle.security.xmlsec.saml.SAMLURI Interface

The oracle.security.xmlsec.saml.SAMLURI interface defines URI string constants for algorithms, namespaces and objects. The following naming convention is used:

  • Action namespace URIs defined in the SAML 1.0 specifications begin with "action_"

  • Authentication method namespace URIs defined in the SAML 1.0 specifications begin with "authentication_method_".

  • Confirmation method namespace URIs defined in the SAML 1.0 specifications begin with "confirmation_method_".

  • Namespace URIs begin with "ns_".

11.2.2.2.6 The oracle.security.xmlsec.saml.SAMLMessage class

The oracle.security.xmlsec.saml.SAMLMessage class is the base class for all the SAML and SAML extension messages that may be signed and contain an XML-DSIG structure.

11.2.3 The Oracle Liberty SDK v. 1.1 API Reference

The Oracle Liberty SDK version 1.1 API Reference is available at:

Oracle Liberty SDK 1.1 Java API Reference

11.3 Oracle Liberty 1.2

This section describes the classes and interfaces of Oracle Liberty 1.2, and explains how to set up your environment and use Oracle Liberty 1.2. It contains these sections:

11.3.1 Setting Up Your Oracle Liberty 1.2 Environment

The Oracle Security Developer Tools are installed with Oracle Application Server in ORACLE_HOME.

This section explains how to set up your environment for Oracle Liberty 1.2. It contains these topics:

11.3.1.1 System Requirements for Oracle Liberty 1.2

In order to use Oracle Liberty 1.2, your system must have the Java Development Kit (JDK) version 1.2.2 or higher. Also, make sure that your PATH environment variable includes the Java bin directory.

11.3.1.2 Setting the CLASSPATH Environment Variable

Your CLASSPATH environment variable must contain the full path and file names to all of the required jar and class files. Make sure the following items are included in your CLASSPATH:

  • osdt_core.jar

  • osdt_cert.jar

  • osdt_xmlsec.jar

  • osdt_saml.jar

  • The jaxen.jar file (Jaxen XPath engine, included with your Oracle XML Security distribution)

  • osdt_lib_v12.jar

11.3.1.2.1 Setting the CLASSPATH on Windows

To set the CLASSPATH on Windows:

  1. In your Windows Control Panel, select System.

  2. In the System Properties dialog, select the Advanced tab.

  3. Click Environment Variables.

  4. In the User Variables section, click New to add a CLASSPATH environment variable for your user profile. If a CLASSPATH environment variable already exists, select it and click Edit.

  5. Add the full path and file names for all of the required jar files to the CLASSPATH.

    For example, your CLASSPATH might look like this:

    %CLASSPATH%;C:\ORACLE_HOME\jlib\osdt_core.jar;
    C:\ORACLE_HOME\jlib\osdt_cert.jar;
    C:\ORACLE_HOME\jlib\osdt_xmlsec.jar;
    C:\ORACLE_HOME\jlib\osdt_saml.jar;
    C:\ORACLE_HOME\jlib\jaxen\jaxen.jar;
    C:\ORACLE_HOME\jlib\osdt_lib_v12.jar;
    
    
  6. Click OK.

11.3.1.2.2 Setting the CLASSPATH on Unix

On Unix, set your CLASSPATH environment variable to include the full path and file name of all of the required jar and class files. For example:

setenv CLASSPATH $CLASSPATH:$ORACLE_HOME/jlib/osdt_core.jar:\
$ORACLE_HOME/jlib/osdt_cert.jar:\
$ORACLE_HOME/jlib/osdt_xmlsec.jar:\
$ORACLE_HOME/jlib/osdt_saml.jar:\
$ORACLE_HOME/jlib/jaxen/jaxen.jar:\
$ORACLE_HOME/jlib/osdt_lib_v12.jar

11.3.2 Overview of Oracle Liberty 1.2 Classes and Interfaces

This section introduces some useful classes and interfaces of Oracle Liberty SDK v. 1.2. It contains these topics:

11.3.2.1 Core Classes and Interfaces

This section describes core classes and interfaces of the Oracle Liberty SDK, v. 1.2.

The core classes are:

11.3.2.1.1 The oracle.security.xmlsec.saml.Assertion class

The oracle.security.xmlsec.saml.Assertion class represents the Assertion element of the SAML Assertion schema.

Example 11-15 shows how to create a new assertion element and append it to a document.

Example 11-15 Creating an Assertion element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
Assertion assertion = new Assertion(doc);
doc.getDocumentElement().appendChild(assertion);

Example 11-16 shows how to obtain assertion elements from an XML document.

Example 11-16 Obtaining Assertion Elements from a Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all Assertion elements in the document
NodeList assrtList = 
    doc.getElementsByTagNameNS(SAMLURI.ns_saml, "Assertion");
if (assrtList.getLength() == 0)
    System.err.println("No Assertion elements found.");
 
// Convert each org.w3c.dom.Node object to 
// an oracle.security.xmlsec.saml.Assertion
// object and process
for (int s = 0, n = assrtList.getLength(); s < n; ++s)
{
    Assertion assertion = new Assertion((Element)assrtList.item(s));

    // Process Assertion element
    ...
}

11.3.2.1.2 The oracle.security.xmlsec.samlp.Request class

The oracle.security.xmlsec.samlp.Request class represents the Request element of the SAML Protocol schema.

Example 11-17 shows how to create a new Request element and append it to a document.

Example 11-17 Creating a Request element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
Request request = new Request(doc);
doc.getDocumentElement().appendChild(request);

Example 11-18 shows how to obtain Request elements from an XML document.

Example 11-18 Obtaining Request Elements from a Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all Request elements in the document
NodeList reqList = 
    doc.getElementsByTagNameNS(SAMLURI.ns_samlp, "Request");
if (reqList.getLength() == 0)
    System.err.println("No Request elements found.");

// Convert each org.w3c.dom.Node object to an 
// oracle.security.xmlsec.samlp.Request
// object and process
for (int s = 0, n = reqList.getLength(); s < n; ++s)
{
    Request request = new Request((Element)reqList.item(s));

    // Process Request element
    ...
}

11.3.2.1.3 The oracle.security.xmlsec.samlp.Response class

The oracle.security.xmlsec.samlp.Response class represents the Response element of the SAML Protocol schema.

Example 11-19 shows how to create a new element and append it to a document.

Example 11-19 Creating a Response Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
Response response = new Response(doc);
doc.getDocumentElement().appendChild(response);

Example 11-20 shows how to obtain Response elements from an XML document.

Example 11-20 Obtaining Response Elements from a Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all Response elements in the document
NodeList respList = 
    doc.getElementsByTagNameNS(SAMLURI.ns_samlp, "Response");
if (respList.getLength() == 0)
    System.err.println("No Response elements found.");
 
// Convert each org.w3c.dom.Node object to an 
// oracle.security.xmlsec.samlp.Response
// object and process
for (int s = 0, n = respList.getLength(); s < n; ++s)
{
    Response response = new Response((Element)respList.item(s));

    // Process Response element
    ...
}

11.3.2.1.4 The oracle.security.xmlsec.liberty.v12.AuthnRequest class

The oracle.security.xmlsec.liberty.v12.AuthnRequest class represents the AuthnRequest element of the Liberty protocol schema.

Example 11-21 shows how to create a new authorization request element and append it to a document.

Example 11-21 Creating an AuthnRequest Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
AuthnRequest authnRequest = new AuthnRequest(doc);
doc.getDocumentElement().appendChild(authnRequest);

Example 11-22 shows how to obtain AuthnRequest elements from an XML document.

Example 11-22 Obtaining AuthnRequest Eements from a Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all AuthnRequest elements in the document
NodeList arList = doc.getElementsByTagNameNS(LibertyURI.ns_liberty, "AuthnRequest");

if (arList.getLength() == 0)
    System.err.println("No AuthnRequest elements found.");
 
// Convert each org.w3c.dom.Node object to
// an oracle.security.xmlsec.liberty.v12.AuthnRequest
// object and process
for (int s = 0, n = arList.getLength(); s < n; ++s)
{
    AuthnRequest authnRequest = new AuthnRequest((Element)arList.item(s));

    // Process AuthnRequest element
    ...
}

11.3.2.1.5 The oracle.security.xmlsec.liberty.v12.AuthnResponse class

The oracle.security.xmlsec.liberty.v12.AuthnResponse class represents the AuthnResponse element of the Liberty protocol schema.

Example 11-23 shows how to create a new authorization response element and append it to a document.

Example 11-23 Creating an AuthnResponse Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
AuthnResponse authnResponse = new AuthnResponse(doc);
doc.getDocumentElement().appendChild(authnResponse);

Example 11-24 shows how to obtain AuthnResponse elements from an XML document.

Example 11-24 Obtaining AuthnResponse Eements from a Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all AuthnResponse elements in the document.
NodeList arList = 
    doc.getElementsByTagNameNS(LibertyURI.ns_liberty, "AuthnResponse");
if (arList.getLength() == 0)
    System.err.println("No AuthnResponse elements found.");
 
// Convert each org.w3c.dom.Node object to 
// an oracle.security.xmlsec.liberty.v12.AuthnResponse
// object and process
for (int s = 0, n = arList.getLength(); s < n; ++s)
{
    AuthnResponse authnResponse = 
        new AuthnResponse((Element)arList.item(s));

    // Process AuthnResponse element
    ...
}

11.3.2.1.6 The oracle.security.xmlsec.liberty.v12.FederationTerminationNotification class

The oracle.security.xmlsec.liberty.v12.FederationTerminationNotification class represents the FederationTerminationNotification element of the Liberty protocol schema.

Example 11-25 shows how to create a new federation termination notification element and append it to a document.

Example 11-25 Creating a DocumentFederationTerminationNotification Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
FederationTerminationNotification ftn = 
    new FederationTerminationNotification(doc);
doc.getDocumentElement().appendChild(ftn);

Example 11-26 shows how to obtain federation termination notification elements from an XML document.

Example 11-26 Obtaining FederationTerminationNotification Elements from a Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all FederationTerminationNotification elements in the document
NodeList ftnList = doc.getElementsByTagNameNS(LibertyURI.ns_liberty,
    "FederationTerminationNotification");
if (ftnList.getLength() == 0)
    System.err.println("No FederationTerminationNotification elements found.");
 
// Convert each org.w3c.dom.Node object to an
// oracle.security.xmlsec.liberty.v12.FederationTerminationNotification
// object and process
for (int s = 0, n = ftnList.getLength(); s < n; ++s)
{
    FederationTerminationNotification ftn = new 
        FederationTerminationNotification((Element)ftnList.item(s));

    // Process FederationTerminationNotification element
    ...
}

11.3.2.1.7 The oracle.security.xmlsec.liberty.v12.LogoutRequest class

The oracle.security.xmlsec.liberty.v12.LogoutRequest class represents the LogoutRequest element of the Liberty protocol schema.

Example 11-27 shows how to create a new element and append it to a document.

Example 11-27 Creating a new LogoutRequest Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
LogoutRequest lr = new LogoutRequest(doc);
doc.getDocumentElement().appendChild(lr);

Example 11-28 shows how to obtain logout request elements from an XML document.

Example 11-28 Obtaining LogoutRequest Elements from an XML Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all LogoutRequest elements in the document
NodeList lrList = 
    doc.getElementsByTagNameNS(LibertyURI.ns_liberty, "LogoutRequest");
if (lrList.getLength() == 0)
    System.err.println("No LogoutRequest elements found.");
 
// Convert each org.w3c.dom.Node object to
// an oracle.security.xmlsec.liberty.v12.LogoutRequest
// object and process
for (int s = 0, n = lrList.getLength(); s < n; ++s)
{
    LogoutRequest lr = new LogoutRequest((Element)lrList.item(s));

    // Process LogoutRequest element
    ...
}

11.3.2.1.8 The oracle.security.xmlsec.liberty.v12.LogoutResponse class

The oracle.security.xmlsec.liberty.v12.LogoutResponse class represents the LogoutResponse element of the Liberty protocol schema.

Example 11-29 shows how to create a new logout response element and append it to a document.

Example 11-29 Creating a new LogoutResponse Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
LogoutResponse lr = new LogoutResponse(doc);
doc.getDocumentElement().appendChild(lr);
 

Example 11-30 shows how to obtain logout response elements from an XML document.

Example 11-30 Obtaining LogoutResponse Elements from an XML Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all LogoutResponse elements in the document
NodeList lrList = 
    doc.getElementsByTagNameNS(LibertyURI.ns_liberty, "LogoutResponse");
if (lrList.getLength() == 0)
    System.err.println("No LogoutResponse elements found.");
 
// Convert each org.w3c.dom.Node object to
// an oracle.security.xmlsec.liberty.v12.LogoutResponse
// object and process
for (int s = 0, n = lrList.getLength(); s < n; ++s)
{
    LogoutResponse lr = new LogoutResponse((Element)lrList.item(s));

    // Process LogoutResponse element
    ...
}

11.3.2.1.9 The oracle.security.xmlsec.liberty.v12.RegisterNameIdentifierRequest class

The oracle.security.xmlsec.liberty.v12.RegisterNameIdentifierRequest class represents the RegisterNameIdentifierRequest element of the Liberty protocol schema.

Example 11-31 shows how to create a new RegisterNameIdentifierRequest element and append it to a document.

Example 11-31 Creating a new RegisterNameIdentifierRequest Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
RegisterNameIdentifierRequest rnir = new RegisterNameIdentifierRequest(doc);
doc.getDocumentElement().appendChild(rnir);

Example 11-32 shows how to obtain RegisterNameIdentifierRequest elements from an XML document.

Example 11-32 Obtaining RegisterNameIdentifierRequest Elements from an XML Document

Document doc = Instance of org.w3c.dom.Document;
 
// Get list of all 
// RegisterNameIdentifierRequest elements 
// in the document
NodeList rnirList = 
    doc.getElementsByTagNameNS(LibertyURI.ns_liberty,
    "RegisterNameIdentifierRequest");
if (rnirList.getLength() == 0)
    System.err.println("No RegisterNameIdentifierRequest elements found.");
 
// Convert each org.w3c.dom.Node object to a 
// oracle.security.xmlsec.liberty.v12.RegisterNameIdentifierRequest
// object and process
for (int s = 0, n = rnirList.getLength(); s < n; ++s)
{
    RegisterNameIdentifierRequest rnir =
         new RegisterNameIdentifierRequest((Element)rnirList.item(s));

    // Process RegisterNameIdentifierRequest element
    ...
}

11.3.2.1.10 The oracle.security.xmlsec.liberty.v12.RegisterNameIdentifierResponse class

The oracle.security.xmlsec.liberty.v12.RegisterNameIdentifierResponse class represents the RegisterNameIdentifierResponse element of the Liberty protocol schema.

Example 11-33 shows how to create a new RegisterNameIdentifierResponse element and append it to a document.

Example 11-33 Creating a New RegisterNameIdentifierResponse Element and Appending it to a Document

Document doc = Instance of org.w3c.dom.Document;
RegisterNameIdentifierResponse rnir = 
    new RegisterNameIdentifierResponse(doc);
doc.getDocumentElement().appendChild(rnir);

Example 11-34 shows how to obtain RegisterNameIdentifierResponse elements from an XML document.

Example 11-34 Obtaining RegisterNameIdentifierResponse Elements from a Document

Document doc = Instance of org.w3c.dom.Document;

// Get list of all RegisterNameIdentifierResponse elements in the document
NodeList rnirList = 
    doc.getElementsByTagNameNS(LibertyURI.ns_liberty, 
        "RegisterNameIdentifierResponse");

if (rnirList.getLength() == 0)
    System.err.println("No RegisterNameIdentifierResponse elements found.");
 
// Convert each org.w3c.dom.Node object to an 
// oracle.security.xmlsec.liberty.v12.RegisterNameIdentifierResponse
// object and process
for (int s = 0, n = rnirList.getLength(); s < n; ++s)
{
    RegisterNameIdentifierResponse rnir = new 
        RegisterNameIdentifierResponse((Element)rnirList.item(s));

    // Process RegisterNameIdentifierResponse element
    ...
}

11.3.2.2 Supporting Classes and Interfaces

This section describes supporting classes and interfaces of Oracle Liberty SDK v. 1.2:

  • The oracle.security.xmlsec.liberty.v12.LibertyInitializer class

  • The oracle.security.xmlsec.liberty.v12.LibertyURI interface

  • The oracle.security.xmlsec.util.ac.AuthenticationContextStatement class

  • The oracle.security.xmlsec.saml.SAMLInitializer class

  • The oracle.security.xmlsec.saml.SAMLURI interface

11.3.2.2.1 The oracle.security.xmlsec.liberty.v12.LibertyInitializer class

This class handles load-time initialization and configuration of the Oracle Liberty SDK 1.2 library. You must call this class's static initialize() method before making any calls to the Oracle Liberty SDK 1.2 API.

11.3.2.2.2 The oracle.security.xmlsec.liberty.v12.LibertyURI interface

This interface defines URI string constants for algorithms, namespaces, and objects.

11.3.2.2.3 The oracle.security.xmlsec.util.ac.AuthenticationContextStatement class

This is an abstract class representing the top-level AuthenticationContextStatement element of the Liberty authentication context schema. Each concrete implementation of this class represents the respective class defined in the Liberty Authentication Context Specification.

11.3.2.2.4 The oracle.security.xmlsec.saml.SAMLInitializer class

This class handles load-time initialization and configuration of the Oracle SAML library. You should call this class's static initialize(int major, int minor) method, for version 1.1, before making any calls to the Oracle SAML Toolkit API for SAML 1.1.

11.3.2.2.5 The oracle.security.xmlsec.saml.SAMLURI Interface

The oracle.security.xmlsec.saml.SAMLURI interface defines URI string constants for algorithms, namespaces, and objects. The following naming convention is used:

  • Action Namespace URIs defined in the SAML 1.1 specifications begin with "action_"

  • Authentication Method Namespace URIs defined in the SAML 1.1 specifications begin with "authentication_method_"

  • Confirmation Method Namespace URIs defined in the SAML 1.1 specifications begin with "confirmation_method_"

  • Namespace URIs begin with "ns_"

11.3.2.2.6 The oracle.security.xmlsec.saml.SAMLMessage Class

oracle.security.xmlsec.saml.SAMLMessage is the base class for all the SAML and SAML extension messages that may be signed and contain an XML-DSIG structure.

11.3.3 The Oracle Liberty SDK v. 1.2 API Reference

The Oracle Liberty SDK version 1.2 API Reference (Javadoc) is available at:

Oracle Liberty SDK 1.2 Java API Reference