diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 2f882f41e..1207439dd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -126,6 +126,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { @Autowired private IAuthenticationSessionStoreage authenticatedSessionStorage; @Autowired protected AuthConfiguration authConfig; + @Autowired private AttributQueryBuilder attributQueryBuilder; public IAuthData buildAuthenticationData(IRequest protocolRequest, AuthenticationSession session, List<Attribute> reqAttributes) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { @@ -306,7 +307,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { //build attributQuery request AttributeQuery query = - AttributQueryBuilder.buildAttributQueryRequest(interfIDP.getUserNameID(), endpoint, attributs); + attributQueryBuilder.buildAttributQueryRequest(interfIDP.getUserNameID(), endpoint, attributs); //build SOAP request List<XMLObject> xmlObjects = MOASAMLSOAPClient.send(endpoint, query); @@ -325,7 +326,8 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants { SAMLVerificationEngine engine = new SAMLVerificationEngine(); engine.verifyIDPResponse(intfResp, TrustEngineFactory.getSignatureKnownKeysTrustEngine()); - SAMLVerificationEngine.validateAssertion(intfResp, false); + //TODO: find better solution + //SAMLVerificationEngine.validateAssertion(intfResp, false); } catch (Exception e) { Logger.warn("PVP 2.1 assertion validation FAILED.", e); |