From b158b0b5a5b0bf65e8c5624216fcf23d5c683d64 Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Wed, 19 Mar 2014 12:18:56 +0100
Subject: add configuration parameter to disable PVP2.1 assertion encryption
---
 .../gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java | 5 +++++
 .../moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java | 4 +++-
 2 files changed, 8 insertions(+), 1 deletion(-)
(limited to 'id/server/idserverlib/src')
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index f9a038d9f..8d1fc7979 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -998,6 +998,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 return publicURLPreFix;
 }
+ public boolean isPVP2AssertionEncryptionActive() {
+ String prop = props.getProperty("protocols.pvp2.assertion.encryption.active", "true");
+ return Boolean.valueOf(prop);
+ }
+
 /**
 * Retruns the STORK Configuration
 * @return STORK Configuration
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 7bf188e53..c5afbabe5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
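Review bot: `Boolean.valueOf(prop)` in `isPVP2AssertionEncryptionActive()` treats every value other than a case-insensitive `true` as false, so a typo, `yes`, `1`, or (if `props` is a `java.util.Properties`, which keeps trailing whitespace in values) `true ` in `protocols.pvp2.assertion.encryption.active` silently switches assertion encryption off. For a security control it is safer to disable only on an explicit `false`, for example `return !"false".equalsIgnoreCase(prop.trim());`, and to log any value that is neither `true` nor `false`. The new public method also has no Javadoc; a short comment naming the property key, its default of `true`, and the fact that `false` makes PVP2.1 assertions leave the IdP unencrypted would help operators.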
@@ -58,6 +58,7 @@ import org.opensaml.xml.security.x509.X509Credential;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
@@ -156,7 +157,8 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 }
- if (encryptionCredentials != null) {
+ boolean isEncryptionActive = AuthConfigurationProvider.getInstance().isPVP2AssertionEncryptionActive();
+ if (encryptionCredentials != null && isEncryptionActive) {
 //encrypt SAML2 assertion
 try {
-- 
cgit v1.2.3
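Review bot: When `isEncryptionActive` is false, the `if (encryptionCredentials != null && isEncryptionActive)` test is skipped without a trace, so a service provider that supplied encryption credentials gets a plaintext assertion and nothing visible in this hunk records why. Because the assertion carries the user's identity attributes, the unencrypted path should log a warning when `encryptionCredentials != null` but the configuration disabled encryption, so that the downgrade can be audited. The switch also appears to be global rather than per service provider (inferred from the call, which passes no SP identifier), which may be broader than intended. The body of the `if` and any existing `else` branch lie outside the hunk, so the warning may belong there.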