diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-03-10 12:31:38 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-03-10 12:31:38 +0100 |
commit | a6cadad81df2b44a99ca452ea1737abf1fa7d3e8 (patch) | |
tree | a9358c03beaed2c8955655304f5b081a40b14360 /id/server/modules/moa-id-modules-federated_authentication/src/main | |
parent | e34d8e8a2292a0ea049ab3b3aa6e649aa215e82b (diff) | |
download | moa-id-spss-a6cadad81df2b44a99ca452ea1737abf1fa7d3e8.tar.gz moa-id-spss-a6cadad81df2b44a99ca452ea1737abf1fa7d3e8.tar.bz2 moa-id-spss-a6cadad81df2b44a99ca452ea1737abf1fa7d3e8.zip |
add additional PVP response validation
Diffstat (limited to 'id/server/modules/moa-id-modules-federated_authentication/src/main')
-rw-r--r-- | id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java index d5c5354c0..01163efd6 100644 --- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java +++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java @@ -347,7 +347,10 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask { // check SAML2 response status-code if (samlResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) { //validate PVP 2.1 assertion - samlVerificationEngine.validateAssertion(samlResp, true, credentialProvider.getIDPAssertionEncryptionCredential()); + samlVerificationEngine.validateAssertion(samlResp, true, + credentialProvider.getIDPAssertionEncryptionCredential(), + pendingReq.getAuthURL() + FederatedAuthConstants.ENDPOINT_METADATA, + FederatedAuthConstants.MODULE_NAME_FOR_LOGGING); msg.setSAMLMessage(SAML2Utils.asDOMDocument(samlResp).getDocumentElement()); return msg; |