From 32e1a7ef05521924a69cc82a46e3fe84ab85da91 Mon Sep 17 00:00:00 2001 From: "peter.danner" Date: Mon, 15 Jan 2007 11:13:22 +0000 Subject: fixed comparison of possibly base64 encoded SAML-Attributes git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@785 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../id/auth/validator/CreateXMLSignatureResponseValidator.java | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'id.server/src/at/gv/egovernment/moa/id') diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index e72d0b6c4..78f62de50 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -4,7 +4,6 @@ import java.util.Iterator; import java.util.List; import org.w3c.dom.Element; -import org.w3c.dom.NodeList; import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; @@ -14,6 +13,7 @@ import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.SAMLAttribute; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.StringUtils; import at.gv.egovernment.moa.util.XPathUtils; /** @@ -213,7 +213,12 @@ public class CreateXMLSignatureResponseValidator { Object actualValue = samlAttribute.getValue(); try { if (expectedValue instanceof String) { - if (!(((String)expectedValue).equals((String)actualValue))) { + // replace \r\n because text might be base64-encoded + String expValue = StringUtils.replaceAll((String)expectedValue,"\r",""); + expValue = StringUtils.replaceAll(expValue,"\n",""); + String actValue = StringUtils.replaceAll((String)actualValue,"\r",""); + actValue = StringUtils.replaceAll(actValue,"\n",""); + if (!expValue.equals(actValue)) { throw new ValidateException( "validator.38", new Object[] {"Wert", String.valueOf((i+1)), actualName, actualValue, expectedValue }); -- cgit v1.2.3