Add support for an explicit set of outgoing bindings
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / idp / profile / saml2 / SSOProfileHandler.java
index dfbfb5d..554221f 100644 (file)
@@ -18,6 +18,7 @@ package edu.internet2.middleware.shibboleth.idp.profile.saml2;
 
 import java.io.IOException;
 import java.util.ArrayList;
+import java.util.List;
 
 import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletException;
@@ -84,6 +85,9 @@ public class SSOProfileHandler extends AbstractSAML2ProfileHandler {
 
     /** URL of the authentication manager servlet. */
     private String authenticationManagerPath;
+    
+    /** URI of SAML 2 bindings supported for outgoing messaged encoding. */
+    private ArrayList<String> supportedOutgoingBindings;
 
     /** URI of request decoder. */
     private String decodingBinding;
@@ -92,17 +96,23 @@ public class SSOProfileHandler extends AbstractSAML2ProfileHandler {
      * Constructor.
      * 
      * @param authnManagerPath path to the authentication manager servlet
+     * @param outgoingBindings URIs of SAML 2 bindings supported for outgoing message encoding
      * @param decoder URI of the request decoder to use
      */
     @SuppressWarnings("unchecked")
-    public SSOProfileHandler(String authnManagerPath, String decoder) {
+    public SSOProfileHandler(String authnManagerPath, List<String> outgoingBindings, String decoder) {
         super();
 
         if (authnManagerPath == null || decoder == null) {
             throw new IllegalArgumentException("AuthN manager path or decoding bindings URI may not be null");
         }
-
         authenticationManagerPath = authnManagerPath;
+        
+        if(outgoingBindings == null || outgoingBindings.isEmpty()){
+            throw new IllegalArgumentException("List of supported outgoing bindings may not be empty");
+        }
+        supportedOutgoingBindings = new ArrayList<String>(outgoingBindings);
+        
         decodingBinding = decoder;
 
         authnStatementBuilder = (SAMLObjectBuilder<AuthnStatement>) getBuilderFactory().getBuilder(
@@ -431,7 +441,7 @@ public class SSOProfileHandler extends AbstractSAML2ProfileHandler {
         endpointSelector.setRelyingParty(requestContext.getRelyingPartyMetadata());
         endpointSelector.setRelyingPartyRole(requestContext.getRelyingPartyRoleMetadata());
         endpointSelector.setSamlRequest(requestContext.getSamlRequest());
-        endpointSelector.getSupportedIssuerBindings().addAll(getMessageEncoderFactory().getEncoderBuilders().keySet());
+        endpointSelector.getSupportedIssuerBindings().addAll(supportedOutgoingBindings);
         Endpoint relyingPartyEndpoint = endpointSelector.selectEndpoint();
 
         MessageEncoder<ServletResponse> encoder = getMessageEncoderFactory().getMessageEncoder(