BUGFIX: RedirectBinding validate signatures which exists, but signature is not required

changes for WKO: Allow Metadata with no AttributeConsumerService Allow AuthnRequest with no RequestedAuthnContext Allow AuthnRequest with no AssertionConsumerServiceIndex Use Metadata->AssertionConsumerService->isDefaut flag
author: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-01-21 18:00:41 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-01-21 18:00:41 +0100
commit: dd4a77caa66368ca257fcf5a1f87d0dab90477f5 (patch)
tree: e80c411a9eab2b993fc60f1026145a5b1388dff1 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth
parent: 51c45b375485399d36e33f1ab4cf76e9273222e3 (diff)
download: moa-id-spss-dd4a77caa66368ca257fcf5a1f87d0dab90477f5.tar.gz
moa-id-spss-dd4a77caa66368ca257fcf5a1f87d0dab90477f5.tar.bz2
moa-id-spss-dd4a77caa66368ca257fcf5a1f87d0dab90477f5.zip
2 files changed, 3 insertions, 1 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
index 7e00b8084..e298bcdb3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
@@ -146,7 +146,8 @@ public class Authenticate extends HttpServlet {
 			for (SingleSignOnService sss : 
 					idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
 				
-				if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { //Get the service address for the binding you wish to use  
+				//Get the service address for the binding you wish to use
+				if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { 
 					redirectEndpoint = sss;  
 				}  
 			}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
index cdb28922c..9c6f39b30 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
@@ -204,6 +204,7 @@ public class BuildMetadata extends HttpServlet {
 			
 			spSSODescriptor.setWantAssertionsSigned(true);
 			spSSODescriptor.setAuthnRequestsSigned(true);
+			
 			AttributeConsumingService attributeService = 
 					SAML2Utils.createSAMLObject(AttributeConsumingService.class);
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-01-21 18:00:41 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-01-21 18:00:41 +0100
commit	dd4a77caa66368ca257fcf5a1f87d0dab90477f5 (patch)
tree	e80c411a9eab2b993fc60f1026145a5b1388dff1 /id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth
parent	51c45b375485399d36e33f1ab4cf76e9273222e3 (diff)
download	moa-id-spss-dd4a77caa66368ca257fcf5a1f87d0dab90477f5.tar.gz moa-id-spss-dd4a77caa66368ca257fcf5a1f87d0dab90477f5.tar.bz2 moa-id-spss-dd4a77caa66368ca257fcf5a1f87d0dab90477f5.zip