[jboss-identity-commits] JBoss Identity SVN: r655 - in identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat: sp and 1 other directory.

Thursday, 23 July 2009


Author: anil.saldhana(a)jboss.com
Date: 2009-07-23 16:00:07 -0400 (Thu, 23 Jul 2009)
New Revision: 655

Modified:
  
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
  
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
Log:
JBID-133: use the return value of validate method

Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java	2009-07-20
21:46:48 UTC (rev 654)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPRedirectValve.java	2009-07-23
20:00:07 UTC (rev 655)
@@ -138,7 +138,9 @@
                   try
                   {
                      requestAbstractType = getSAMLRequest(request); 
-                     this.validate(request);
+                     boolean isValid = this.validate(request);
+                     if(!isValid)
+                        throw new GeneralSecurityException("Validity Checks
Failed");
                      
                      this.isTrusted(requestAbstractType.getIssuer().getValue());
                      

Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java	2009-07-20
21:46:48 UTC (rev 654)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java	2009-07-23
20:00:07 UTC (rev 655)
@@ -234,8 +234,11 @@
       String samlResponse = request.getParameter("SAMLResponse"); 
       if(samlResponse != null && samlResponse.length() > 0 )
       {
-         this.validate(request);
+         boolean isValid = this.validate(request);
          
+         if(!isValid)
+            throw new GeneralSecurityException("Validity Checks failed");
+         
          //deal with SAML response from IDP
          byte[] base64DecodedResponse = Base64.decode(samlResponse);
          InputStream is = DeflateUtil.decode(base64DecodedResponse); 


    

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

[jboss-identity-commits] JBoss Identity SVN: r655 - in identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat: sp and 1 other directory.