aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-05-09 11:52:30 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-05-09 11:52:30 +0200
commit719b06ae04a8d96bf24268a4e25a0cd7b0768e95 (patch)
tree7d83f85ba125fecc8eef950272d292a9c9eeeada /id
parent5c3841139097ce9de9c4fc7aa666df36b8d50214 (diff)
downloadmoa-id-spss-719b06ae04a8d96bf24268a4e25a0cd7b0768e95.tar.gz
moa-id-spss-719b06ae04a8d96bf24268a4e25a0cd7b0768e95.tar.bz2
moa-id-spss-719b06ae04a8d96bf24268a4e25a0cd7b0768e95.zip
add AuthnRequest validation
Diffstat (limited to 'id')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java5
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java4
2 files changed, 9 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 280b6495e..6527f03b5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -90,6 +90,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SLOException;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.CheckMandateAttributes;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AuthnRequestValidator;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngine;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -301,6 +302,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
if(statusMessageValue != null) {
statusMessage.setMessage(StringEscapeUtils.escapeXml(statusMessageValue));
}
+
} else {
statusCode.setValue(StatusCode.RESPONDER_URI);
@@ -556,6 +558,9 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
config.setPassiv(authReq.isPassive());
config.setForce(authReq.isForceAuthn());
+ //validate AuthnRequest
+ AuthnRequestValidator.validate(authReq);
+
String useMandate = request.getParameter(PARAM_USEMANDATE);
if(useMandate != null) {
if(useMandate.equals("true") && attributeConsumer != null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java
index b5facde34..87e443930 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/exceptions/NameIDFormatNotSupportedException.java
@@ -22,10 +22,14 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.pvp2x.exceptions;
+import org.opensaml.saml2.core.StatusCode;
+
public class NameIDFormatNotSupportedException extends AuthnRequestValidatorException {
public NameIDFormatNotSupportedException(String nameIDFormat) {
super("pvp2.12", new Object[] {nameIDFormat});
+ statusCodeValue = StatusCode.INVALID_NAMEID_POLICY_URI;
+
}
/**