From 7af9d603860dab1b618de7981ae3f0a27ea130db Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Wed, 20 Aug 2014 16:47:11 +0200
Subject: solve SLO bug

---
 .../moa/id/demoOA/servlet/pvp2/SingleLogOut.java   | 26 ++++++----------------
 1 file changed, 7 insertions(+), 19 deletions(-)

(limited to 'id/oa/src/main/java/at/gv/egovernment/moa')

diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java
index 11cc020ff..b87865989 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/SingleLogOut.java
@@ -43,6 +43,7 @@ import org.opensaml.common.binding.BasicSAMLMessageContext;
 import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
+import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
 import org.opensaml.saml2.core.AuthnContextClassRef;
 import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
 import org.opensaml.saml2.core.AuthnRequest;
@@ -163,7 +164,7 @@ public class SingleLogOut extends HttpServlet {
 					idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleLogoutServices()) {
 				
 				//Get the service address for the binding you wish to use
-				if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) { 
+				if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) { 
 					redirectEndpoint = sss;  
 				}  
 			}
@@ -182,28 +183,15 @@ public class SingleLogOut extends HttpServlet {
 			signer.setSigningCredential(authcredential);
 			sloReq.setSignature(signer);
 
-			//generate Http-POST Binding message
-			VelocityEngine engine = new VelocityEngine();
-			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
-			engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
-			engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
-			engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
-			engine.setProperty("classpath.resource.loader.class",
-					"org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
-			engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
-					"org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
-			engine.init();
-
-			HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
-					"templates/pvp_postbinding_template.html");
+			HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
 			HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
-					response, true);
+					response
+					, true);
 			BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
 			SingleSignOnService service = new SingleSignOnServiceBuilder()
 					.buildObject();
-			service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
-			service.setLocation(redirectEndpoint.getLocation());;
-			
+			service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+			service.setLocation(redirectEndpoint.getLocation());
 			context.setOutboundSAMLMessageSigningCredential(authcredential);
 			context.setPeerEntityEndpoint(service);
 			context.setOutboundSAMLMessage(sloReq);
-- 
cgit v1.2.3