author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-19 12:18:56 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-03-19 12:18:56 +0100 |
commit | b158b0b5a5b0bf65e8c5624216fcf23d5c683d64 (patch) | |
tree | 3fcb5cb9270fc687b4fafe456e3158cd14c3af84 /id/server/idserverlib/src | |
parent | 76b43178f068650e8df40c3f7eb4993ff709499c (diff) | |
add configuration parameter to disable PVP2.1 assertion encryption
Diffstat (limited to 'id/server/idserverlib/src')
2 files changed, 8 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index f9a038d9f..8d1fc7979 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -998,6 +998,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 return publicURLPreFix;
 }
+ public boolean isPVP2AssertionEncryptionActive() {
+ String prop = props.getProperty("protocols.pvp2.assertion.encryption.active", "true");
+ return Boolean.valueOf(prop);
+ }
+
 /**
 * Retruns the STORK Configuration
 * @return STORK Configuration
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 7bf188e53..c5afbabe5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -58,6 +58,7 @@ import org.opensaml.xml.security.x509.X509Credential;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
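Review bot: `Boolean.valueOf(prop)` in the new `isPVP2AssertionEncryptionActive()` (AuthConfigurationProvider.java) makes the encryption switch fail open. Any value other than the string `true` (case-insensitive) yields false, and `java.util.Properties` keeps trailing whitespace in values, so `true ` or a typo in `protocols.pvp2.assertion.encryption.active` silently turns PVP2 assertion encryption off. Switching off a confidentiality control should require an explicit `false`; `return !"false".equalsIgnoreCase(prop.trim());` keeps encryption on for every other value. The method also lacks the Javadoc its neighbour has; a short comment stating that the property defaults to true and that false causes assertions to be issued unencrypted would help operators.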
@@ -156,7 +157,8 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 }
- if (encryptionCredentials != null) {
+ boolean isEncryptionActive = AuthConfigurationProvider.getInstance().isPVP2AssertionEncryptionActive();
+ if (encryptionCredentials != null && isEncryptionActive) {
 //encrypt SAML2 assertion
 try { |
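Review bot: When the flag is false, the new condition `encryptionCredentials != null && isEncryptionActive` skips encryption exactly as missing credentials do, and nothing visible in this hunk records that an assertion was issued unencrypted because of configuration. The flag is read from the global `AuthConfigurationProvider` rather than from per-service-provider settings, so it presumably downgrades every relying party at once. I would document that on the new local, e.g. `// global switch: false sends PVP2 assertions unencrypted to all service providers`, and emit a warning through the class's existing logger on the skipped path so the downgrade is detectable in operations. The else branch and the rest of the enclosing method lie outside the hunk, so logging may already exist there.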