1 files changed, 9 insertions, 6 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index 279038967..95c4f1726 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -31,7 +31,6 @@ import org.opensaml.common.binding.decoding.URIComparator;
 import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.binding.decoding.HTTPRedirectDeflateDecoder;
 import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
-import org.opensaml.saml2.binding.security.SAML2AuthnRequestsSignedRule;
 import org.opensaml.saml2.binding.security.SAML2HTTPRedirectDeflateSignatureRule;
 import org.opensaml.saml2.core.RequestAbstractType;
 import org.opensaml.saml2.core.StatusResponseType;
@@ -50,7 +49,9 @@ import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.SecurityException;
 import org.opensaml.xml.security.credential.Credential;
+import org.springframework.stereotype.Service;
 
+import at.gv.egovernment.moa.id.commons.api.IRequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
@@ -58,14 +59,16 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
 import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IMOARefreshableMetadataProvider;
+import at.gv.egovernment.moa.id.protocols.pvp2x.validation.MOASAML2AuthRequestSignedRole;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
+@Service("PVPRedirectBinding")
 public class RedirectBinding implements IDecoder, IEncoder {
 	
 	public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
-			RequestAbstractType request, String targetLocation, String relayState, Credential credentials)
+			RequestAbstractType request, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
 			throws MessageEncodingException, SecurityException {
 		
 //		try {
@@ -100,7 +103,7 @@ public class RedirectBinding implements IDecoder, IEncoder {
 
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
 			StatusResponseType response, String targetLocation, String relayState, 
-			Credential credentials) throws MessageEncodingException, SecurityException {
+			Credential credentials, IRequest pendingReq) throws MessageEncodingException, SecurityException {
 //		try {
 //			X509Credential credentials = credentialProvider
 //					.getIDPAssertionSigningCredential();
@@ -156,10 +159,10 @@ public class RedirectBinding implements IDecoder, IEncoder {
 				
 		SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(
 				TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider));
-		SAML2AuthnRequestsSignedRule signedRole = new SAML2AuthnRequestsSignedRule();
+		MOASAML2AuthRequestSignedRole signedRole = new MOASAML2AuthRequestSignedRole();
 		BasicSecurityPolicy policy = new BasicSecurityPolicy();
-		policy.getPolicyRules().add(signatureRule);
-		policy.getPolicyRules().add(signedRole);		
+		policy.getPolicyRules().add(signedRole);
+		policy.getPolicyRules().add(signatureRule);		
 		SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
 				policy);		
 		messageContext.setSecurityPolicyResolver(resolver);