/**
   * Validate the signature of a SAML2 Response and Assertion
   *
   * @param response SAML2 Response
   * @return true, if signature is valid.
   */
  protected void validateSignature(Response response, Assertion assertion)
      throws SSOAgentException {

    if (SSOAgentDataHolder.getInstance().getSignatureValidator() != null) {
      // Custom implemetation of signature validation
      SAMLSignatureValidator signatureValidatorUtility =
          (SAMLSignatureValidator) SSOAgentDataHolder.getInstance().getSignatureValidator();
      signatureValidatorUtility.validateSignature(response, assertion, ssoAgentConfig);
    } else {
      // If custom implementation not found, Execute the default implementation
      if (ssoAgentConfig.getSAML2().isResponseSigned()) {
        if (response.getSignature() == null) {
          throw new SSOAgentException(
              "SAML2 Response signing is enabled, but signature element not found in SAML2 Response element");
        } else {
          try {
            SignatureValidator validator =
                new SignatureValidator(
                    new X509CredentialImpl(ssoAgentConfig.getSAML2().getSSOAgentX509Credential()));
            validator.validate(response.getSignature());
          } catch (ValidationException e) {
            if (log.isDebugEnabled()) {
              log.debug("Validation exception : ", e);
            }
            throw new SSOAgentException("Signature validation failed for SAML2 Response");
          }
        }
      }
      if (ssoAgentConfig.getSAML2().isAssertionSigned()) {
        if (assertion.getSignature() == null) {
          throw new SSOAgentException(
              "SAML2 Assertion signing is enabled, but signature element not found in SAML2 Assertion element");
        } else {
          try {
            SignatureValidator validator =
                new SignatureValidator(
                    new X509CredentialImpl(ssoAgentConfig.getSAML2().getSSOAgentX509Credential()));
            validator.validate(assertion.getSignature());
          } catch (ValidationException e) {
            if (log.isDebugEnabled()) {
              log.debug("Validation exception : ", e);
            }
            throw new SSOAgentException("Signature validation failed for SAML2 Assertion");
          }
        }
      }
    }
  }
  public SAML2SSOManager(SSOAgentConfig ssoAgentConfig) throws SSOAgentException {

    /* Initializing the OpenSAML library, loading default configurations */
    this.ssoAgentConfig = ssoAgentConfig;
    // load custom Signature Validator Class
    String signerClassName = ssoAgentConfig.getSAML2().getSignatureValidatorImplClass();
    try {
      if (signerClassName != null) {
        SSOAgentDataHolder.getInstance()
            .setSignatureValidator(Class.forName(signerClassName).newInstance());
      }
    } catch (ClassNotFoundException e) {
      throw new SSOAgentException("Error loading custom signature validator class", e);
    } catch (IllegalAccessException e) {
      throw new SSOAgentException("Error loading custom signature validator class", e);
    } catch (InstantiationException e) {
      throw new SSOAgentException("Error loading custom signature validator class", e);
    }
    SSOAgentUtils.doBootstrap();
  }