diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-08-19 15:03:42 +0200 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-08-19 15:03:42 +0200 |
| commit | 1ab0f1d4d991464b906c34befefe2ecaf485d485 (patch) | |
| tree | e84f4deb090dda11b5fb318019b6e0bce9efc86c /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java | |
| parent | 296ebbfb36ef207abe4611cb8d3727d2f86a692b (diff) | |
| download | moa-id-spss-1ab0f1d4d991464b906c34befefe2ecaf485d485.tar.gz moa-id-spss-1ab0f1d4d991464b906c34befefe2ecaf485d485.tar.bz2 moa-id-spss-1ab0f1d4d991464b906c34befefe2ecaf485d485.zip | |
add interfederation without attributequery request which use encrypted bPKs
(this functionality is required for federation with USP)
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index 08f40f888..fe0d27804 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -208,7 +208,10 @@ public class SAML1AuthenticationServer extends AuthenticationServer { if (authData.isUseMandate()) { List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA(); - if (saml1parameter.isProvideFullMandatorData()) { + //only provide full mandate if it is included. + //In case of federation only a short mandate could be include + if (saml1parameter.isProvideFullMandatorData() + && authData.getMISMandate().isFullMandateIncluded()) { try { |