When signing SAML core impls, callers shouldn't add a SAMLObjectContentReference...
authorputmanb <putmanb@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 24 Aug 2007 20:19:38 +0000 (20:19 +0000)
committerputmanb <putmanb@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 24 Aug 2007 20:19:38 +0000 (20:19 +0000)
by the AbstractSignableSAMLObject impl.  Doing so results in redundant, duplicate References in the resulting signature.

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2350 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/idp/profile/saml1/AbstractSAML1ProfileHandler.java
src/edu/internet2/middleware/shibboleth/idp/profile/saml2/AbstractSAML2ProfileHandler.java

index bd075c7..3dc2bee 100644 (file)
@@ -638,9 +638,7 @@ public abstract class AbstractSAML1ProfileHandler extends AbstractSAMLProfileHan
         if (log.isDebugEnabled()) {
             log.debug("Signing assertion to relying party " + requestContext.getPeerEntityId());
         }
-        SAMLObjectContentReference contentRef = new SAMLObjectContentReference(assertion);
         Signature signature = signatureBuilder.buildObject(Signature.DEFAULT_ELEMENT_NAME);
-        signature.getContentReferences().add(contentRef);
         
         signature.setSigningCredential(signatureCredential);
         try {
index b44c293..dfa4dcf 100644 (file)
@@ -476,9 +476,7 @@ public abstract class AbstractSAML2ProfileHandler extends AbstractSAMLProfileHan
         if (log.isDebugEnabled()) {
             log.debug("Signing assertion to relying party " + requestContext.getPeerEntityId());
         }
-        SAMLObjectContentReference contentRef = new SAMLObjectContentReference(assertion);
         Signature signature = signatureBuilder.buildObject(Signature.DEFAULT_ELEMENT_NAME);
-        signature.getContentReferences().add(contentRef);
         
         signature.setSigningCredential(signatureCredential);
         try {