From dd4a77caa66368ca257fcf5a1f87d0dab90477f5 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 21 Jan 2014 18:00:41 +0100
Subject: BUGFIX: RedirectBinding validate signatures which exists, but
 signature is not required

changes for WKO:
Allow Metadata with no AttributeConsumerService
Allow AuthnRequest with no RequestedAuthnContext
Allow AuthnRequest with no AssertionConsumerServiceIndex
Use Metadata->AssertionConsumerService->isDefaut flag
---
 .../at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java | 3 ++-
 .../gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java   | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

(limited to 'id/ConfigWebTool/src/main/java')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
index 7e00b8084..e298bcdb3 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/Authenticate.java
@@ -146,7 +146,8 @@ public class Authenticate extends HttpServlet {
 			for (SingleSignOnService sss : 
 					idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
 				
-				if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { //Get the service address for the binding you wish to use  
+				//Get the service address for the binding you wish to use
+				if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { 
 					redirectEndpoint = sss;  
 				}  
 			}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
index cdb28922c..9c6f39b30 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/BuildMetadata.java
@@ -204,6 +204,7 @@ public class BuildMetadata extends HttpServlet {
 			
 			spSSODescriptor.setWantAssertionsSigned(true);
 			spSSODescriptor.setAuthnRequestsSigned(true);
+			
 			AttributeConsumingService attributeService = 
 					SAML2Utils.createSAMLObject(AttributeConsumingService.class);
 			
-- 
cgit v1.2.3