diff options
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/proxy')
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java | 14 | ||||
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java | 3 |
2 files changed, 12 insertions, 5 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java index a78a8d587..9bbf13aca 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java @@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.proxy.parser; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.util.BoolUtils; import at.gv.egovernment.moa.util.Constants; @@ -40,10 +41,12 @@ public class AuthenticationDataAssertionParser implements Constants { private static String ATTRIBUTESTATEMENT_XPATH = SAML + "AttributeStatement/"; /** Prefix for Element NameIdentifier in an Xpath-expression */ - private static String BPK_XPATH = + private static String PK_XPATH = ATTRIBUTESTATEMENT_XPATH + SAML + "Subject/" + SAML + "NameIdentifier"; + private static String NAME_QUALIFIER_XPATH = + PK_XPATH + "/@NameQualifier"; /** Prefix for Element Person in an Xpath-expression */ private static String PERSONDATA_XPATH = ATTRIBUTESTATEMENT_XPATH + @@ -59,7 +62,6 @@ public class AuthenticationDataAssertionParser implements Constants { PERSONDATA_XPATH + PR + "Identification/" + PR + "Type"; - /** Prefix for Element GivenName in an Xpath-expression */ private static String GIVEN_NAME_XPATH = PERSONDATA_XPATH + @@ -117,8 +119,12 @@ public class AuthenticationDataAssertionParser implements Constants { XPathUtils.getAttributeValue(samlAssertion, ISSUER_XPATH, "")); authData.setIssueInstant( XPathUtils.getAttributeValue(samlAssertion, ISSUE_INSTANT_XPATH, "")); - authData.setPBK( - XPathUtils.getElementValue(samlAssertion, BPK_XPATH, "")); + String pkValue = XPathUtils.getElementValue(samlAssertion, PK_XPATH, ""); + if (XPathUtils.getAttributeValue(samlAssertion, NAME_QUALIFIER_XPATH, "").equalsIgnoreCase(URN_PREFIX_BPK)) { + authData.setPBK(pkValue); + } else { + authData.setWPBK(pkValue); + } authData.setIdentificationValue( XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_VALUE_XPATH, "")); authData.setIdentificationType( diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java index f82ad93ed..7b077ebd9 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java @@ -79,7 +79,8 @@ public class ProxyServlet extends HttpServlet { Logger.debug("getRequestURL:" + req.getRequestURL().toString()); try { - if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) { +// if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) { + if (req.getParameter(PARAM_SAMLARTIFACT) != null) { // check if SAML Artifact was already used in this session (in case of page reload) HttpSession session = req.getSession(); |