Author: anil.saldhana(a)jboss.com
Date: 2009-08-25 13:57:05 -0400 (Tue, 25 Aug 2009)
New Revision: 741
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/plugins/saml/SAML20TokenProvider.java
Log:
fix the token provider
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/plugins/saml/SAML20TokenProvider.java
===================================================================
---
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/plugins/saml/SAML20TokenProvider.java 2009-08-25
16:53:01 UTC (rev 740)
+++
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/plugins/saml/SAML20TokenProvider.java 2009-08-25
17:57:05 UTC (rev 741)
@@ -155,6 +155,9 @@
ValidateTargetType validateTarget =
context.getRequestSecurityToken().getValidateTarget();
if(validateTarget == null)
throw new WSTrustException("Invalid validate message: missing required
ValidateTarget");
+
+ String code = WSTrustConstants.STATUS_CODE_VALID;
+ String reason = "SAMLV2.0 Assertion successfuly validated";
AssertionType assertion = null;
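Review bot: `code` is initialised to `WSTrustConstants.STATUS_CODE_VALID` before any check has run, so the validate result is fail-open: any path further down that neither assigns `code` nor throws reports the token as valid. Starting from `WSTrustConstants.STATUS_CODE_INVALID` with a generic failure reason, and assigning the valid status only after every check has passed, would make a skipped branch fail closed. The reason text also misspells "successfully", which is worth fixing if the string is returned to the requester (presumably in the validate response status). The enclosing method starts and ends outside this hunk.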
@@ -166,19 +169,26 @@
}
else if(assertionObj instanceof Element)
{
- try
+ Element assertionElement = (Element) assertionObj;
+
+ if(!this.isAssertion(assertionElement))
{
- assertion = SAMLUtil.fromElement((Element) assertionObj);
+ code = WSTrustConstants.STATUS_CODE_INVALID;
+ reason = "Validation failure: supplied token is not a SAMLV2.0
Assertion";
}
- catch (JAXBException e)
+ else
{
- throw new RuntimeException(e);
+ try
+ {
+ assertion = SAMLUtil.fromElement((Element) assertionObj);
+ }
+ catch (JAXBException e)
+ {
+ throw new RuntimeException(e);
+ }
}
}
-
- String code = WSTrustConstants.STATUS_CODE_VALID;
- String reason = "SAMLV2.0 Assertion successfuly validated";
-
+
// check the assertion lifetime.
try
{
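Review bot: In the new `!this.isAssertion(assertionElement)` branch `assertion` stays null, and control still falls through to the `// check the assertion lifetime` block, which opens at the end of the hunk and whose body is not visible here; if that block dereferences `assertion`, a non-SAML token ends in a NullPointerException instead of the intended invalid status. Guard the later checks with `if (assertion != null)`, or return the invalid status right after `reason` is set. The `JAXBException` handler still does `throw new RuntimeException(e)`, so a malformed assertion in a requester-supplied ValidateTarget becomes a server fault; setting `code = WSTrustConstants.STATUS_CODE_INVALID` there would be consistent with the new branch. `SAMLUtil.fromElement((Element) assertionObj)` can take `assertionElement` now that the cast has a name.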