Author: anil.saldhana(a)jboss.com Date: 2009-07-23 17:24:05 -0400 (Thu, 23 Jul 2009) New Revision: 657 Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java Log: JBID-144: use the return value of validate method Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-07-23 21:20:03 UTC (rev 656) +++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-07-23 21:24:05 UTC (rev 657) @@ -25,6 +25,7 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.InputStream; +import java.security.GeneralSecurityException; import java.security.Principal; import java.util.Arrays; import java.util.List; @@ -208,14 +209,16 @@ private Principal process(Request request, Response response) throws JAXBException, SAXException, IssuerNotTrustedException, - AssertionExpiredException, ConfigurationException + AssertionExpiredException, ConfigurationException, GeneralSecurityException { Principal userPrincipal = null; String samlResponse = request.getParameter("SAMLResponse"); if(samlResponse != null && samlResponse.length() > 0 ) { - this.validate(request); + boolean isValid = this.validate(request); + if(!isValid) + throw new GeneralSecurityException("Validity check failed"); //deal with SAML response from IDP byte[] base64DecodedResponse = PostBindingUtil.base64Decode(samlResponse);