/**
  * Loads the keystore.
  *
  * @throws IOException
  */
 private KeyStore loadKeystore() throws IOException {
   try {
     return SAMLBearerTokenUtil.loadKeystore(keystorePath, keystorePassword);
   } catch (Exception e) {
     e.printStackTrace();
     throw new IOException(
         Messages.getString("SamlBearerTokenAuthFilter.ErrorLoadingKeystore")
             + e.getMessage()); // $NON-NLS-1$
   }
 }
 /**
  * Gets the key pair to use to validate the assertion's signature. The key pair is retrieved from
  * the keystore.
  *
  * @param assertion
  * @throws IOException
  */
 private KeyPair getKeyPair(AssertionType assertion) throws IOException {
   KeyStore keystore = loadKeystore();
   try {
     return SAMLBearerTokenUtil.getKeyPair(keystore, keyAlias, keyPassword);
   } catch (Exception e) {
     e.printStackTrace();
     throw new IOException(
         Messages.getString("SamlBearerTokenAuthFilter.FailedToGetKeyPair")
             + keyAlias); //$NON-NLS-1$
   }
 }
 /**
  * Handles SAML Bearer token authentication. Assumes the password is an encoded SAML assertion.
  *
  * @param assertionData
  * @param request
  * @throws IOException
  */
 protected SimplePrincipal doSamlLogin(String assertionData, HttpServletRequest request)
     throws IOException {
   try {
     Document samlAssertion = DocumentUtil.getDocument(assertionData);
     SAMLAssertionParser parser = new SAMLAssertionParser();
     XMLEventReader xmlEventReader =
         XMLInputFactory.newInstance().createXMLEventReader(new StringReader(assertionData));
     Object parsed = parser.parse(xmlEventReader);
     AssertionType assertion = (AssertionType) parsed;
     SAMLBearerTokenUtil.validateAssertion(assertion, request, allowedIssuers);
     if (signatureRequired) {
       KeyPair keyPair = getKeyPair(assertion);
       if (!SAMLBearerTokenUtil.isSAMLAssertionSignatureValid(samlAssertion, keyPair)) {
         throw new IOException(
             Messages.getString("SamlBearerTokenAuthFilter.InvalidSig")); // $NON-NLS-1$
       }
     }
     return consumeAssertion(assertion);
   } catch (IOException e) {
     throw e;
   } catch (Exception e) {
     throw new RuntimeException(e);
   }
 }