1 files changed, 14 insertions, 6 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
index 2e5f78611..812e27a36 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
@@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.verification;
 import java.util.ArrayList;
 import java.util.List;
 
+import javax.xml.namespace.QName;
 import javax.xml.transform.dom.DOMSource;
 import javax.xml.validation.Schema;
 import javax.xml.validation.Validator;
@@ -62,7 +63,6 @@ import org.xml.sax.SAXException;
 import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SchemaValidationException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
@@ -75,7 +75,6 @@ import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
 public class SAMLVerificationEngine {
-
 	
 	public void verify(InboundMessage msg, SignatureTrustEngine sigTrustEngine ) throws org.opensaml.xml.security.SecurityException, Exception {
 		try {		
@@ -84,7 +83,7 @@ public class SAMLVerificationEngine {
 				verifyRequest(((RequestAbstractType)((MOARequest)msg).getSamlRequest()), sigTrustEngine);
 		
 			else
-				verifyResponse(((MOAResponse)msg).getResponse(), sigTrustEngine);
+				verifyIDPResponse(((MOAResponse)msg).getResponse(), sigTrustEngine);
 			
 		} catch (InvalidProtocolRequestException e) {
 			if (MiscUtil.isEmpty(msg.getEntityID())) {
@@ -103,15 +102,24 @@ public class SAMLVerificationEngine {
 					verifyRequest(((RequestAbstractType)((MOARequest)msg).getSamlRequest()), sigTrustEngine);
 				
 				else
-					verifyResponse(((MOAResponse)msg).getResponse(), sigTrustEngine);
+					verifyIDPResponse(((MOAResponse)msg).getResponse(), sigTrustEngine);
 										
 			}
 			Logger.trace("Second PVP2X message validation finished");
 		}		
 	}
 	
+	public void verifyIDPResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine) throws InvalidProtocolRequestException{
+		verifyResponse(samlObj, sigTrustEngine, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+		
+	}
+	
+	public void verifySLOResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine ) throws InvalidProtocolRequestException {
+		verifyResponse(samlObj, sigTrustEngine, SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+		
+	}
 	
-	public void verifyResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine ) throws InvalidProtocolRequestException{
+	private void verifyResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine, QName defaultElementName)  throws InvalidProtocolRequestException{
 		SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
 		try {
 		    profileValidator.validate(samlObj.getSignature());
@@ -128,7 +136,7 @@ public class SAMLVerificationEngine {
 
 		CriteriaSet criteriaSet = new CriteriaSet();
 		criteriaSet.add( new EntityIDCriteria(samlObj.getIssuer().getValue()) );
-		criteriaSet.add( new MetadataCriteria(IDPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS) );
+		criteriaSet.add( new MetadataCriteria(defaultElementName, SAMLConstants.SAML20P_NS) );
 		criteriaSet.add( new UsageCriteria(UsageType.SIGNING) );
 
 		try {