diff options
Diffstat (limited to 'id/server/idserverlib')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java | 11 | 
1 files changed, 7 insertions, 4 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java index 3be5df917..4ba93f8fe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java @@ -170,6 +170,7 @@ public class SAMLVerificationEngine {  				} +				List<org.opensaml.saml2.core.Assertion> validatedassertions = new ArrayList<org.opensaml.saml2.core.Assertion>();				  				for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) {  					Conditions conditions = saml2assertion.getConditions(); @@ -177,19 +178,21 @@ public class SAMLVerificationEngine {  					DateTime notafter = conditions.getNotOnOrAfter();  					if ( notbefore.isAfterNow() || notafter.isBeforeNow() ) {  						Logger.warn("PVP2 Assertion is out of Date"); -						saml2assertions.remove(saml2assertion);						 +											 +					} else { +						validatedassertions.add(saml2assertion); -					}					 +					}							  				} -				if (saml2assertions.isEmpty()) { +				if (validatedassertions.isEmpty()) {  					Logger.info("No valid PVP 2.1 assertion received.");  					throw new AssertionValidationExeption("No valid PVP 2.1 assertion received.", null);  				}  				samlResp.getAssertions().clear();  				samlResp.getEncryptedAssertions().clear(); -				samlResp.getAssertions().addAll(saml2assertions); +				samlResp.getAssertions().addAll(validatedassertions);  			} else {  				Logger.info("PVP 2.1 assertion includes an error. Receive errorcode "  | 
