diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-05-09 11:52:30 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-05-09 11:52:30 +0200 |
commit | 719b06ae04a8d96bf24268a4e25a0cd7b0768e95 (patch) | |
tree | 7d83f85ba125fecc8eef950272d292a9c9eeeada /id | |
parent | 5c3841139097ce9de9c4fc7aa666df36b8d50214 (diff) | |
download | moa-id-spss-719b06ae04a8d96bf24268a4e25a0cd7b0768e95.tar.gz moa-id-spss-719b06ae04a8d96bf24268a4e25a0cd7b0768e95.tar.bz2 moa-id-spss-719b06ae04a8d96bf24268a4e25a0cd7b0768e95.zip |
add AuthnRequest validation
Diffstat (limited to 'id')
2 files changed, 9 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index 280b6495e..6527f03b5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -90,6 +90,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SLOException; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.CheckMandateAttributes; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; +import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AuthnRequestValidator; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -301,6 +302,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { if(statusMessageValue != null) { statusMessage.setMessage(StringEscapeUtils.escapeXml(statusMessageValue)); } + } else { statusCode.setValue(StatusCode.RESPONDER_URI); @@ -556,6 +558,9 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { config.setPassiv(authReq.isPassive()); config.setForce(authReq.isForceAuthn()); + //validate AuthnRequest + AuthnRequestValidator.validate(authReq); + String useMandate = request.getParameter(PARAM_USEMANDATE); if(useMandate != null) { if(useMandate.equals("true") && attributeConsumer != null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java index b5facde34..87e443930 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java @@ -22,10 +22,14 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions; +import org.opensaml.saml2.core.StatusCode; + public class NameIDFormatNotSupportedException extends AuthnRequestValidatorException { public NameIDFormatNotSupportedException(String nameIDFormat) { super("pvp2.12", new Object[] {nameIDFormat}); + statusCodeValue = StatusCode.INVALID_NAMEID_POLICY_URI; + } /** |