aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-11-04 07:30:10 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-11-04 07:30:10 +0100
commita777e9ba26db80ca30ed97a4910e3003aaae8b46 (patch)
tree45809beeaadfc6e9fbcf05f8d1025654f86fa3e9 /id/server/idserverlib/src/main/java/at
parent1fbff5f5a86733bc6a75c8ae901153baa0963441 (diff)
downloadmoa-id-spss-a777e9ba26db80ca30ed97a4910e3003aaae8b46.tar.gz
moa-id-spss-a777e9ba26db80ca30ed97a4910e3003aaae8b46.tar.bz2
moa-id-spss-a777e9ba26db80ca30ed97a4910e3003aaae8b46.zip
add metadata schema validation filters
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/InterfederatedIDPPublicServiceFilter.java1
2 files changed, 4 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index cba64e080..12afa14bc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -57,6 +57,7 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.InterfederatedIDPPublicServiceFilter;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MetadataFilterChain;
+import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -324,6 +325,7 @@ public class MOAMetadataProvider implements MetadataProvider {
private MetadataFilterChain buildMetadataFilterChain(OnlineApplication oa, String metadataURL, byte[] certificate) throws CertificateException {
MetadataFilterChain filterChain = new MetadataFilterChain(metadataURL, certificate);
+ filterChain.getFilters().add(new SchemaValidationFilter());
if (oa.isIsInterfederationIDP() != null && oa.isIsInterfederationIDP()) {
Logger.info("Online-Application is an interfederated IDP. Add addional Metadata policies");
@@ -374,6 +376,8 @@ public class MOAMetadataProvider implements MetadataProvider {
httpProvider.setMetadataFilter(filter);
httpProvider.initialize();
+ httpProvider.setRequireValidMetadata(true);
+
return httpProvider;
} catch (Throwable e) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/InterfederatedIDPPublicServiceFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/InterfederatedIDPPublicServiceFilter.java
index 3d608fd6d..4d9b97a52 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/InterfederatedIDPPublicServiceFilter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/InterfederatedIDPPublicServiceFilter.java
@@ -26,7 +26,6 @@ import org.opensaml.saml2.metadata.provider.FilterException;
import org.opensaml.saml2.metadata.provider.MetadataFilter;
import org.opensaml.xml.XMLObject;
-import at.gv.egovernment.moa.id.commons.db.dao.config.InterfederationIDPType;
import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
import at.gv.egovernment.moa.logging.Logger;