aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-modules-federated_authentication/src/main
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-03-10 12:31:38 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-03-10 12:31:38 +0100
commita6cadad81df2b44a99ca452ea1737abf1fa7d3e8 (patch)
treea9358c03beaed2c8955655304f5b081a40b14360 /id/server/modules/moa-id-modules-federated_authentication/src/main
parente34d8e8a2292a0ea049ab3b3aa6e649aa215e82b (diff)
downloadmoa-id-spss-a6cadad81df2b44a99ca452ea1737abf1fa7d3e8.tar.gz
moa-id-spss-a6cadad81df2b44a99ca452ea1737abf1fa7d3e8.tar.bz2
moa-id-spss-a6cadad81df2b44a99ca452ea1737abf1fa7d3e8.zip
add additional PVP response validation
Diffstat (limited to 'id/server/modules/moa-id-modules-federated_authentication/src/main')
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java5
1 files changed, 4 insertions, 1 deletions
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
index d5c5354c0..01163efd6 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
@@ -347,7 +347,10 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
// check SAML2 response status-code
if (samlResp.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
//validate PVP 2.1 assertion
- samlVerificationEngine.validateAssertion(samlResp, true, credentialProvider.getIDPAssertionEncryptionCredential());
+ samlVerificationEngine.validateAssertion(samlResp, true,
+ credentialProvider.getIDPAssertionEncryptionCredential(),
+ pendingReq.getAuthURL() + FederatedAuthConstants.ENDPOINT_METADATA,
+ FederatedAuthConstants.MODULE_NAME_FOR_LOGGING);
msg.setSAMLMessage(SAML2Utils.asDOMDocument(samlResp).getDocumentElement());
return msg;