summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java19
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java2
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java20
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java42
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/FileUtils.java13
-rw-r--r--eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java12
-rw-r--r--eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java40
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QAALevelVerifier.java7
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java16
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/PVP2AssertionBuilder.java10
10 files changed, 111 insertions, 70 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java
index 620018ad..4c145fbc 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/api/IRequest.java
@@ -100,7 +100,7 @@ public interface IRequest {
* @param key The specific identifier of the request-data object
* @return The request-data object or null if no data is found with this key
*/
- public Object getGenericData(String key);
+ public Object getRawData(String key);
/**
* Returns a generic request-data object with is stored with a specific identifier
@@ -109,7 +109,7 @@ public interface IRequest {
* @param clazz The class type which is stored with this key
* @return The request-data object or null if no data is found with this key
*/
- public <T> T getGenericData(String key, final Class<T> clazz);
+ public <T> T getRawData(String key, final Class<T> clazz);
/**
* Store a generic data-object into pending request with a specific identifier
@@ -118,7 +118,7 @@ public interface IRequest {
* @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface
* @throws SessionDataStorageException Error message if the data-object can not stored to generic request-data storage
*/
- public void setGenericDataToSession(String key, Object object) throws EAAFStorageException;
+ public void setRawDataToTransaction(String key, Object object) throws EAAFStorageException;
/**
* Store generic data-objects into pending request with specific identifiers
@@ -126,16 +126,15 @@ public interface IRequest {
* @param map Map with Identifiers and values
* @throws SessionDataStorageException Error message if the data-object can not stored to generic request-data storage
*/
- public void setGenericDataToSession(Map<String, Object> map) throws EAAFStorageException;
-
-
-
+ public void setRawDataToTransaction(Map<String, Object> map) throws EAAFStorageException;
+
/**
- * Get the internal dataStorage map
+ * Wrap the internal dataStorage map into a DAO
*
- * @return read-only map of data stored to this pending request
+ * @param wrapper DOA to access SessionData
+ * @return
*/
- public Map<String, Object> genericFullDataStorage();
+ public <T> T getSessionData(Class<T> wrapper);
/**
* Hold the identifier of this request object.
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
index a4734e66..1fb4bf6b 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/AbstractAuthenticationManager.java
@@ -236,7 +236,7 @@ public abstract class AbstractAuthenticationManager implements IAuthenticationMa
log.debug("Find SSL-client-certificate on request --> Add it to context");
executionContext.put(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,
((X509Certificate[])httpReq.getAttribute("javax.servlet.request.X509Certificate")));
- pendingReq.setGenericDataToSession(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,
+ pendingReq.setRawDataToTransaction(EAAFConstants.PROCESS_ENGINE_SSL_CLIENT_CERTIFICATE,
((X509Certificate[])httpReq.getAttribute("javax.servlet.request.X509Certificate")));
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
index 94d9a810..c095135d 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/builder/AbstractAuthenticationDataBuilder.java
@@ -440,16 +440,16 @@ public abstract class AbstractAuthenticationDataBuilder implements IAuthenticati
*/
private String getbPKTypeFromPVPAttribute(IAuthProcessDataContainer session) {
String pvpbPKTypeAttr = session.getGenericDataFromSession(PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME, String.class);
- if (StringUtils.isNotEmpty(pvpbPKTypeAttr)) {
-
- //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal implementations
- if (pvpbPKTypeAttr.startsWith(EAAFConstants.URN_PREFIX_CDID) &&
- !pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length(),
- EAAFConstants.URN_PREFIX_CDID.length() + 1).equals("+")) {
- log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " Starting attribute value correction ... ");
- pvpbPKTypeAttr = EAAFConstants.URN_PREFIX_CDID + "+" + pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length() + 1);
-
- }
+
+ if (StringUtils.isNotEmpty(pvpbPKTypeAttr)) {
+// //fix a wrong bPK-Type encoding, which was used in some PVP Standardportal implementations
+// if (pvpbPKTypeAttr.startsWith(EAAFConstants.URN_PREFIX_CDID) &&
+// !pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length(),
+// EAAFConstants.URN_PREFIX_CDID.length() + 1).equals("+")) {
+// log.warn("Receive uncorrect encoded bBKType attribute " + pvpbPKTypeAttr + " Starting attribute value correction ... ");
+// pvpbPKTypeAttr = EAAFConstants.URN_PREFIX_CDID + "+" + pvpbPKTypeAttr.substring(EAAFConstants.URN_PREFIX_CDID.length() + 1);
+//
+// }
log.debug("Find PVP-Attr: " + PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME);
return pvpbPKTypeAttr;
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
index a453a8a3..7d59f043 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
@@ -27,6 +27,7 @@
package at.gv.egiz.eaaf.core.impl.idp.controller.protocols;
import java.io.Serializable;
+import java.lang.reflect.InvocationTargetException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Date;
@@ -48,6 +49,7 @@ import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
@@ -141,7 +143,7 @@ public abstract class RequestImpl implements IRequest, Serializable{
//set requester's IP address
try {
- setGenericDataToSession(DATAID_REQUESTER_IP_ADDRESS, req.getRemoteAddr());
+ setRawDataToTransaction(DATAID_REQUESTER_IP_ADDRESS, req.getRemoteAddr());
} catch (EAAFStorageException e) {
log.info("Can NOT store remote IP address into 'pendingRequest'." , e);
@@ -215,11 +217,31 @@ public abstract class RequestImpl implements IRequest, Serializable{
this.internalSSOSessionId = internalSSOSessionId;
}
-
+
@Override
- public final Map<String, Object> genericFullDataStorage() {
- return this.genericDataStorage;
+ public final <T> T getSessionData(final Class<T> wrapper) {
+ if (wrapper != null) {
+ if (AuthProcessDataWrapper.class.isAssignableFrom(wrapper)) {
+ try {
+ return wrapper.getConstructor(Map.class).newInstance(this.genericDataStorage);
+
+ } catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException
+ | IllegalArgumentException | InvocationTargetException e) {
+ log.error("Can NOT instance wrapper: " + wrapper.getName(), e);
+
+ }
+
+ }
+
+ log.error("Can NOT wrap generic data into session data. "
+ + "Reason: Wrapper " + wrapper.getName() + " is NOT a valid wrapper");
+ throw new RuntimeException("Can NOT wrap generic data into session data. "
+ + "Reason: Wrapper " + wrapper.getName() + " is NOT a valid wrapper");
+
+ }
+ return null;
+
}
@Override
@@ -346,7 +368,7 @@ public abstract class RequestImpl implements IRequest, Serializable{
}
@Override
- public final Object getGenericData(String key) {
+ public final Object getRawData(String key) {
if (StringUtils.isNotEmpty(key)) {
return genericDataStorage.get(key);
@@ -357,7 +379,7 @@ public abstract class RequestImpl implements IRequest, Serializable{
}
@Override
- public final <T> T getGenericData(String key, final Class<T> clazz) {
+ public final <T> T getRawData(String key, final Class<T> clazz) {
if (StringUtils.isNotEmpty(key)) {
Object data = genericDataStorage.get(key);
@@ -383,13 +405,13 @@ public abstract class RequestImpl implements IRequest, Serializable{
}
@Override
- public final void setGenericDataToSession(String key, Object object) throws EAAFStorageException {
+ public final void setRawDataToTransaction(String key, Object object) throws EAAFStorageException {
if (StringUtils.isEmpty(key)) {
log.info("Generic request-data can not be stored with a 'null' key");
throw new EAAFStorageException("Generic request-data can not be stored with a 'null' key", null);
}
-
+
if (object != null) {
if (!Serializable.class.isInstance(object)) {
log.warn("Generic request-data can only store objects which implements the 'Seralizable' interface");
@@ -408,7 +430,7 @@ public abstract class RequestImpl implements IRequest, Serializable{
}
@Override
- public final void setGenericDataToSession(Map<String, Object> map) throws EAAFStorageException {
+ public final void setRawDataToTransaction(Map<String, Object> map) throws EAAFStorageException {
if (map == null) {
log.info("Generic request-data can not be stored with a 'null' map");
throw new EAAFStorageException("Generic request-data can not be stored with a 'null' map", null);
@@ -417,7 +439,7 @@ public abstract class RequestImpl implements IRequest, Serializable{
//validate and store values
for (Entry<String, Object> el : map.entrySet())
- setGenericDataToSession(el.getKey(), el.getValue());
+ setRawDataToTransaction(el.getKey(), el.getValue());
}
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/FileUtils.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/FileUtils.java
index f458c142..a7bd8f81 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/FileUtils.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/FileUtils.java
@@ -40,14 +40,13 @@ import java.net.URI;
import java.net.URL;
import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
-/**
- * Utility for accessing files on the file system, and for reading from input streams.
- * @author Paul Ivancsics
- * @version $Id$
- */
public class FileUtils {
-
+ private static final Logger log = LoggerFactory.getLogger(FileUtils.class);
+
+
/**
* Reads a file, given by URL, into a byte array.
* @param urlString file URL
@@ -112,6 +111,8 @@ public class FileUtils {
public static String makeAbsoluteURL(String url, String root) {
//if url is relative to rootConfigFileDirName make it absolute
+ log.trace("Making AbsoluteURL URL: " + url + " Root-Path: " + root);
+
if (StringUtils.isEmpty(root))
root = null;
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java
index b190bfba..2504d8f1 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/utils/Random.java
@@ -36,6 +36,8 @@ import org.apache.commons.lang3.ArrayUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import at.gv.egiz.eaaf.core.impl.idp.process.support.SecureRandomHolder;
+
/**
* Random number generator used to generate ID's
@@ -60,15 +62,7 @@ public class Random {
} catch (NoSuchAlgorithmException e) {
log.warn("Can NOT initialize SecureRandom with: 'SHA256PRNG-FIPS186'. Use 'StrongSecureRandom' as backup");
-
- try {
- random = SecureRandom.getInstanceStrong();
-
- } catch (NoSuchAlgorithmException e1) {
- log.error("Can NOT initialize SecureRandom. StartUp process FAILED!");
- throw new RuntimeException("Can NOT initialize SecureRandom. StartUp process FAILED!", e);
-
- }
+ random = SecureRandomHolder.getInstance();
}
diff --git a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java
index a3812816..b1f53db3 100644
--- a/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java
+++ b/eaaf_core/src/test/java/at/gv/egiz/eaaf/core/impl/idp/module/test/TestRequestImpl.java
@@ -26,12 +26,14 @@
*******************************************************************************/
package at.gv.egiz.eaaf.core.impl.idp.module.test;
+import java.lang.reflect.InvocationTargetException;
import java.util.HashMap;
import java.util.Map;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
/**
* @author tlenz
@@ -83,7 +85,7 @@ public class TestRequestImpl implements IRequest {
* @see at.gv.egovernment.moa.id.moduls.IRequest#getGenericData(java.lang.String)
*/
@Override
- public Object getGenericData(String key) {
+ public Object getRawData(String key) {
return storage.get(key);
}
@@ -91,7 +93,7 @@ public class TestRequestImpl implements IRequest {
* @see at.gv.egovernment.moa.id.moduls.IRequest#getGenericData(java.lang.String, java.lang.Class)
*/
@Override
- public <T> T getGenericData(String key, Class<T> clazz) {
+ public <T> T getRawData(String key, Class<T> clazz) {
return (T)storage.get(key);
}
@@ -218,14 +220,9 @@ public class TestRequestImpl implements IRequest {
}
@Override
- public void setGenericDataToSession(Map<String, Object> map) throws EAAFStorageException {
+ public void setRawDataToTransaction(Map<String, Object> map) throws EAAFStorageException {
storage.putAll(map);
-
- }
-
- @Override
- public Map<String, Object> genericFullDataStorage() {
- return storage;
+
}
@Override
@@ -270,7 +267,7 @@ public class TestRequestImpl implements IRequest {
}
@Override
- public void setGenericDataToSession(String key, Object object) throws EAAFStorageException {
+ public void setRawDataToTransaction(String key, Object object) throws EAAFStorageException {
storage.put(key, object);
}
@@ -278,6 +275,29 @@ public class TestRequestImpl implements IRequest {
public void setSpConfig(ISPConfiguration spConfig) {
this.spConfig = spConfig;
}
+
+ @Override
+ public <T> T getSessionData(Class<T> wrapper) {
+ if (wrapper != null) {
+ if (AuthProcessDataWrapper.class.isAssignableFrom(wrapper)) {
+ try {
+ return wrapper.getConstructor(Map.class).newInstance(this.storage);
+
+ } catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException
+ | IllegalArgumentException | InvocationTargetException e) {
+ throw new RuntimeException("Can NOT instance wrapper: " + wrapper.getName(), e);
+
+ }
+
+ }
+
+ throw new RuntimeException("Can NOT wrap generic data into session data. "
+ + "Reason: Wrapper " + wrapper.getName() + " is NOT a valid wrapper");
+
+ }
+
+ return null;
+ }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QAALevelVerifier.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QAALevelVerifier.java
index 1621aa84..2bb2cb10 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QAALevelVerifier.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QAALevelVerifier.java
@@ -28,6 +28,7 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.utils;
import java.util.List;
+import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -82,6 +83,10 @@ public class QAALevelVerifier {
}
public static void verifyQAALevel(String qaaAuth, List<String> requiredLoAs, String matchingMode) throws QAANotAllowedException {
+ log.trace("Starting LoA verification: authLoA: " + qaaAuth
+ + " requiredLoA: " + StringUtils.join(requiredLoAs, "|")
+ + " matchingMode: " + matchingMode);
+
boolean hasMatch = false;
for (String loa : requiredLoAs) {
if (verifyQAALevel(qaaAuth, loa, matchingMode))
@@ -90,7 +95,7 @@ public class QAALevelVerifier {
}
if (!hasMatch)
- throw new QAANotAllowedException(qaaAuth, requiredLoAs.toArray().toString(), matchingMode);
+ throw new QAANotAllowedException(qaaAuth, StringUtils.join(requiredLoAs, "|"), matchingMode);
else
log.debug("Requesed LoA fits LoA from authentication. Continue auth process ... ");
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
index 32c2cce7..b6e00709 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AuthenticationAction.java
@@ -139,17 +139,17 @@ public class AuthenticationAction implements IAction {
sloInformation.setProtocolType(req.requestedModule());
sloInformation.setSpEntityID(req.getServiceProviderConfiguration().getUniqueIdentifier());
return sloInformation;
-
- } catch (MessageEncodingException e) {
- log.error("Message Encoding exception", e);
- throw new ResponderErrorException("pvp2.01", null, e);
-
- } catch (SecurityException e) {
- log.error("Security exception", e);
+
+ } catch (MessageEncodingException | SecurityException e) {
+ log.warn("Message Encoding exception", e);
throw new ResponderErrorException("pvp2.01", null, e);
} catch (EAAFException e) {
- log.error("Response generation error", e);
+ log.info("Response generation error: Msg: ", e.getMessage());
+ throw new ResponderErrorException(e.getErrorId(), e.getParams(), e);
+
+ } catch (Exception e) {
+ log.warn("Response generation error", e);
throw new ResponderErrorException("pvp2.01", null, e);
}
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/PVP2AssertionBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/PVP2AssertionBuilder.java
index 5ef112dd..d049aeb3 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/PVP2AssertionBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/PVP2AssertionBuilder.java
@@ -156,7 +156,8 @@ public class PVP2AssertionBuilder implements PVPConstants {
//get matching mode from authn. request
String loaMatchingMode = EAAFConstants.EIDAS_LOA_MATCHING_MINIMUM;
- if (StringUtils.isNotEmpty(reqAuthnContext.getComparison().toString()))
+ if (reqAuthnContext.getComparison() != null &&
+ StringUtils.isNotEmpty(reqAuthnContext.getComparison().toString()))
loaMatchingMode = reqAuthnContext.getComparison().toString();
//get requested LoAs
@@ -172,7 +173,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
if (!qaa_uri.trim().startsWith(EAAFConstants.EIDAS_LOA_PREFIX)) {
if (loaLevelMapper != null) {
- log.debug("Find no eIDAS LoA. Start mapping process ... " );
+ log.debug("Find no eIDAS LoA in AuthnReq. Start mapping process ... " );
eIDASLoaFromRequest.add(loaLevelMapper.mapToeIDASLoA(qaa_uri.trim()));
} else
@@ -356,14 +357,13 @@ public class PVP2AssertionBuilder implements PVPConstants {
SubjectConfirmationData subjectConfirmationData = SAML2Utils
.createSAMLObject(SubjectConfirmationData.class);
subjectConfirmationData.setInResponseTo(authnRequest.getID());
- subjectConfirmationData.setNotOnOrAfter(new DateTime(authData.getSsoSessionValidTo().getTime()));
-// subjectConfirmationData.setNotBefore(date);
+ subjectConfirmationData.setNotOnOrAfter(new DateTime(authData.getSsoSessionValidTo().getTime()));
//set 'recipient' attribute in subjectConformationData
subjectConfirmationData.setRecipient(assertionConsumerService.getLocation());
//set IP address of the user machine as 'Address' attribute in subjectConformationData
- String usersIPAddress = pendingReq.getGenericData(
+ String usersIPAddress = pendingReq.getRawData(
RequestImpl.DATAID_REQUESTER_IP_ADDRESS, String.class);
if (StringUtils.isNotEmpty(usersIPAddress))
subjectConfirmationData.setAddress(usersIPAddress);