diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-19 12:18:56 +0100 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-19 12:18:56 +0100 |
| commit | b158b0b5a5b0bf65e8c5624216fcf23d5c683d64 (patch) | |
| tree | 3fcb5cb9270fc687b4fafe456e3158cd14c3af84 | |
| parent | 76b43178f068650e8df40c3f7eb4993ff709499c (diff) | |
| download | moa-id-spss-b158b0b5a5b0bf65e8c5624216fcf23d5c683d64.tar.gz moa-id-spss-b158b0b5a5b0bf65e8c5624216fcf23d5c683d64.tar.bz2 moa-id-spss-b158b0b5a5b0bf65e8c5624216fcf23d5c683d64.zip | |
add configuration parameter to disable PVP2.1 assertion encryption
2 files changed, 8 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index f9a038d9f..8d1fc7979 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -998,6 +998,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return publicURLPreFix; } + public boolean isPVP2AssertionEncryptionActive() { + String prop = props.getProperty("protocols.pvp2.assertion.encryption.active", "true"); + return Boolean.valueOf(prop); + } + /** * Retruns the STORK Configuration * @return STORK Configuration diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java index 7bf188e53..c5afbabe5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java @@ -58,6 +58,7 @@ import org.opensaml.xml.security.x509.X509Credential; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; @@ -156,7 +157,8 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants { } - if (encryptionCredentials != null) { + boolean isEncryptionActive = AuthConfigurationProvider.getInstance().isPVP2AssertionEncryptionActive(); + if (encryptionCredentials != null && isEncryptionActive) { //encrypt SAML2 assertion try { |