aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java2
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java8
2 files changed, 7 insertions, 3 deletions
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
index 1d37b916c..d52e03c09 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
@@ -115,7 +115,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
if (PVPConfiguration.getInstance().getIDPPublicPath().contains(entityID)) {
// stored SSO session data is from this IDP - start local session reconstruction
- Response ssoInformation = ssoTransferUtils.validateReceivedSSOContainer(sessionBlob);
+ Response ssoInformation = ssoTransferUtils.validateReceivedSSOContainer(sessionBlob, entityID);
//transfer SSO Assertion into MOA-Session
ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moasession, ssoInformation);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
index ddfd0958f..b2ab8b119 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
@@ -250,7 +250,7 @@ public class SSOContainerUtils {
}
- public Response validateReceivedSSOContainer(String signedEncryptedContainer) throws IOException, XMLParserException, UnmarshallingException, MOAIDException {
+ public Response validateReceivedSSOContainer(String signedEncryptedContainer, String entityID) throws IOException, XMLParserException, UnmarshallingException, MOAIDException {
byte[] base64decodedContainer = Base64Utils.decode(signedEncryptedContainer, false);
final BasicParserPool ppMgr = new BasicParserPool();
@@ -295,7 +295,11 @@ public class SSOContainerUtils {
if (ssoContainer.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
//validate PVP 2.1 assertion
- samlVerificationEngine.validateAssertion(ssoContainer, false, credentials.getIDPAssertionEncryptionCredential());
+ samlVerificationEngine.validateAssertion(ssoContainer, false,
+ credentials.getIDPAssertionEncryptionCredential(),
+ entityID,
+ "SSO-Session Transfer module"
+ );
return ssoContainer;
} else {
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 09:07:38 +0000