Fix https://bugs.internet2.edu/jira/browse/SIDP-322
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 30 Jun 2009 11:08:18 +0000 (11:08 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 30 Jun 2009 11:08:18 +0000 (11:08 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@2851 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

doc/RELEASE-NOTES.txt
src/main/java/edu/internet2/middleware/shibboleth/idp/authn/AuthenticationEngine.java

index 33bfc7f..9a3c012 100644 (file)
@@ -10,6 +10,7 @@ Changes in Release 2.1.3
 [SIDP-306] - Remove ClientCertAuth rule from SAML 2 SSO SecurityPolicy in relying-party.xml
 [SIDP-310] - Change default relying-party.xml settings for SAML 2 profiles' encryptNameIds parameter from "conditional" to "never"
 [SIDP-318] - IdP erroneously logs many normal events as errors
+[SIDP-322] - Exception thrown when SP requests a particular authentication method that is not configured
 
 Changes in Release 2.1.2
 =============================================
index 33b1b0b..d4eb5ab 100644 (file)
@@ -316,6 +316,10 @@ public class AuthenticationEngine extends HttpServlet {
                 loginHandler = possibleLoginHandlers.get(AuthnContext.PREVIOUS_SESSION_AUTHN_CTX);
             } else {
                 possibleLoginHandlers.remove(AuthnContext.PREVIOUS_SESSION_AUTHN_CTX);
+                if (possibleLoginHandlers.isEmpty()) {
+                    LOG.info("No authentication mechanism available for use with relying party '{}'", loginContext.getRelyingPartyId());
+                    throw new AuthenticationException();
+                }
                 Entry<String, LoginHandler> chosenLoginHandler = possibleLoginHandlers.entrySet().iterator().next();
                 loginContext.setAttemptedAuthnMethod(chosenLoginHandler.getKey());
                 loginHandler = chosenLoginHandler.getValue();