From 98d740f873ac66522f3ebfb02a2433c98fde3a1d Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 26 Jul 2017 15:35:05 +0200 Subject: fix bug in PVP metadata generator that prohibits SHA256 hash algorithms in combination with eIDAS saml-engine --- .../moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java index e2f8664d8..e2ac50e5e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java @@ -71,6 +71,7 @@ import org.w3c.dom.Document; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; @@ -153,8 +154,7 @@ public class PVPMetadataBuilder { Credential metadataSignCred = config.getMetadataSigningCredentials(); Signature signature = AbstractCredentialProvider.getIDPSignature(metadataSignCred); SecurityHelper.prepareSignatureParams(signature, metadataSignCred, null, null); - - + //initialize XML document builder DocumentBuilder builder; DocumentBuilderFactory factory = DocumentBuilderFactory @@ -173,8 +173,11 @@ public class PVPMetadataBuilder { entitiesDescriptor.setValidUntil(date.plusHours(config.getMetadataValidUntil())); entitiesDescriptor.getEntityDescriptors().add(entityDescriptor); + //load default PVP security configurations + MOADefaultBootstrap.initializeDefaultPVPConfiguration(); entitiesDescriptor.setSignature(signature); + //marshall document Marshaller out = Configuration.getMarshallerFactory() .getMarshaller(entitiesDescriptor); -- cgit v1.2.3