aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java11
1 files changed, 7 insertions, 4 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
index 3be5df917..4ba93f8fe 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java
@@ -170,6 +170,7 @@ public class SAMLVerificationEngine {
}
+ List<org.opensaml.saml2.core.Assertion> validatedassertions = new ArrayList<org.opensaml.saml2.core.Assertion>();
for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) {
Conditions conditions = saml2assertion.getConditions();
@@ -177,19 +178,21 @@ public class SAMLVerificationEngine {
DateTime notafter = conditions.getNotOnOrAfter();
if ( notbefore.isAfterNow() || notafter.isBeforeNow() ) {
Logger.warn("PVP2 Assertion is out of Date");
- saml2assertions.remove(saml2assertion);
+
+ } else {
+ validatedassertions.add(saml2assertion);
- }
+ }
}
- if (saml2assertions.isEmpty()) {
+ if (validatedassertions.isEmpty()) {
Logger.info("No valid PVP 2.1 assertion received.");
throw new AssertionValidationExeption("No valid PVP 2.1 assertion received.", null);
}
samlResp.getAssertions().clear();
samlResp.getEncryptedAssertions().clear();
- samlResp.getAssertions().addAll(saml2assertions);
+ samlResp.getAssertions().addAll(validatedassertions);
} else {
Logger.info("PVP 2.1 assertion includes an error. Receive errorcode "