The test cases are actually those quick start examples:
The IDP sends the SP an assertion with three attributes: name=Role, value=manager; name=Role, value=employee; name=Role, value=sales.
But only the last one gets into the HttpSession. When I retrieve those attributes by session.getAttribute(GeneralConstants.SESSION_ATTRIBUTE_MAP), I only get one value.
The code that caused the problem is described below.
In method protected void handleIDPResponse(SAML2HandlerRequest request), these lines

    if (chooseFriendlyName) {
        attrMap.put(attr.getFriendlyName(), attr.getAttributeValue());
    } else {
        attrMap.put(attr.getName(), attr.getAttributeValue());
    }

should be changed to something like the following:

    if (chooseFriendlyName) {
        List<Object> values = attrMap.get(attr.getFriendlyName());
        if (values == null) {
            attrMap.put(attr.getFriendlyName(), attr.getAttributeValue());
        } else if (attr.getAttributeValue() != null) {
            List<Object> newValues = new ArrayList<>(attr.getAttributeValue());
            newValues.addAll(values);
            attrMap.put(attr.getFriendlyName(), newValues);
        }
    } else {
        List<Object> values = attrMap.get(attr.getName());
        if (values == null) {
            attrMap.put(attr.getName(), attr.getAttributeValue());
        } else if (attr.getAttributeValue() != null) {
            List<Object> newValues = new ArrayList<>(attr.getAttributeValue());
            newValues.addAll(values);
            attrMap.put(attr.getName(), newValues);
        }
    }
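The overwrite described above, reproduced outside PicketLink as an added example (not the project's code and not the reporter's patch): it parses a constructed AttributeStatement carrying three Role attributes and compares a plain Map.put with appending to the list already stored under that name. The class name, the collect method and the sample XML are assumptions made for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

public class MultiValuedSamlAttributes {
    static final String SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion";

    // Constructed sample input: three separate Attribute elements sharing Name="Role".
    static final String STATEMENT =
        "<saml:AttributeStatement xmlns:saml='" + SAML_NS + "'>"
      + "<saml:Attribute Name='Role'><saml:AttributeValue>manager</saml:AttributeValue></saml:Attribute>"
      + "<saml:Attribute Name='Role'><saml:AttributeValue>employee</saml:AttributeValue></saml:Attribute>"
      + "<saml:Attribute Name='Role'><saml:AttributeValue>sales</saml:AttributeValue></saml:Attribute>"
      + "</saml:AttributeStatement>";

    // merge=false mirrors the put() that keeps only the last attribute;
    // merge=true appends to the existing list, in assertion order.
    static Map<String, List<Object>> collect(String xml, boolean merge) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Refuse DOCTYPE declarations so untrusted assertions cannot pull in entities.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = f.newDocumentBuilder()
            .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        Map<String, List<Object>> attrMap = new LinkedHashMap<>();
        NodeList attrs = doc.getElementsByTagNameNS(SAML_NS, "Attribute");
        for (int i = 0; i < attrs.getLength(); i++) {
            Element attr = (Element) attrs.item(i);
            List<Object> values = new ArrayList<>();
            NodeList vals = attr.getElementsByTagNameNS(SAML_NS, "AttributeValue");
            for (int j = 0; j < vals.getLength(); j++) values.add(vals.item(j).getTextContent());
            String name = attr.getAttribute("Name");
            if (merge) attrMap.computeIfAbsent(name, k -> new ArrayList<>()).addAll(values);
            else attrMap.put(name, values);
        }
        return attrMap;
    }

    public static void main(String[] args) throws Exception {
        System.out.println("overwrite: " + collect(STATEMENT, false));
        System.out.println("merge:     " + collect(STATEMENT, true));
    }
}
```

Any authorization check that reads roles from the session map sees only what this collection step kept, so a regression test on the SP side should assert the full list of values per attribute name.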