Author: anil.saldhana(a)jboss.com
Date: 2009-06-03 08:45:06 -0400 (Wed, 03 Jun 2009)
New Revision: 565
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java
Log:
JBID-125: assertion util
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-06-03
00:05:55 UTC (rev 564)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPPostFormAuthenticator.java 2009-06-03
12:45:06 UTC (rev 565)
@@ -49,6 +49,7 @@
import
org.jboss.identity.federation.bindings.tomcat.sp.holder.ServiceProviderSAMLContext;
import org.jboss.identity.federation.bindings.util.PostBindingUtil;
import org.jboss.identity.federation.bindings.util.ValveUtil;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssuerNotTrustedException;
import org.jboss.identity.federation.saml.v2.assertion.EncryptedElementType;
@@ -238,7 +239,7 @@
private Principal process(Request request, Response response)
throws JAXBException, SAXException, IssuerNotTrustedException,
- AssertionExpiredException, DatatypeConfigurationException
+ AssertionExpiredException, DatatypeConfigurationException, ConfigurationException
{
Principal userPrincipal = null;
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-06-03
00:05:55 UTC (rev 564)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPUtil.java 2009-06-03
12:45:06 UTC (rev 565)
@@ -33,13 +33,13 @@
import org.apache.catalina.realm.GenericPrincipal;
import org.jboss.identity.federation.api.saml.v2.common.IDGenerator;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.AssertionExpiredException;
-import org.jboss.identity.federation.core.saml.v2.util.XMLTimeUtil;
+import org.jboss.identity.federation.core.saml.v2.util.AssertionUtil;
import org.jboss.identity.federation.saml.v2.assertion.AssertionType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType;
import org.jboss.identity.federation.saml.v2.assertion.AttributeType;
-import org.jboss.identity.federation.saml.v2.assertion.ConditionsType;
import org.jboss.identity.federation.saml.v2.assertion.NameIDType;
import org.jboss.identity.federation.saml.v2.assertion.SubjectType;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
@@ -83,7 +83,7 @@
*/
@SuppressWarnings("unchecked")
public Principal handleSAMLResponse(Request request, ResponseType responseType)
- throws DatatypeConfigurationException, AssertionExpiredException
+ throws DatatypeConfigurationException, ConfigurationException,
AssertionExpiredException
{
if(request == null)
throw new IllegalArgumentException("request is null");
@@ -104,14 +104,9 @@
AssertionType assertion = (AssertionType)assertions.get(0);
//Check for validity of assertion
- ConditionsType conditionsType = assertion.getConditions();
- if(conditionsType != null)
- {
- boolean isValidAssertion = XMLTimeUtil.isValid(XMLTimeUtil.getIssueInstant(),
- conditionsType.getNotBefore(), conditionsType.getNotOnOrAfter());
- if(isValidAssertion == false)
- throw new AssertionExpiredException();
- }
+ boolean isValidAssertion = AssertionUtil.hasExpired(assertion);
+ if(isValidAssertion == false)
+ throw new AssertionExpiredException();
SubjectType subject = assertion.getSubject();
JAXBElement<NameIDType> jnameID = (JAXBElement<NameIDType>)
subject.getContent().get(0);
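Review bot: The expiry check in the added lines looks inverted. The result of `AssertionUtil.hasExpired(assertion)` is stored in `isValidAssertion`, and `AssertionExpiredException` is thrown when it is `false`. AssertionUtil is not shown here, but if `hasExpired` returns `true` for an expired assertion, as its name implies, an assertion still within its validity window is rejected and an expired one is accepted as an authenticated principal. I would drop the misleading local and write `if(AssertionUtil.hasExpired(assertion))` followed by `throw new AssertionExpiredException();`. The removed code also skipped the check when the assertion carried no Conditions element, so please confirm how `hasExpired` treats a null Conditions and state the outcome in a comment above the check. The body of handleSAMLResponse continues outside this hunk.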