Lock to SAML 1.1 for now.

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@1517 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

diff --git a/src/edu/internet2/middleware/shibboleth/idp/IdPResponder.java b/src/edu/internet2/middleware/shibboleth/idp/IdPResponder.java
index da31a31..61a66ef 100644 (file)
--- a/src/edu/internet2/middleware/shibboleth/idp/IdPResponder.java
+++ b/src/edu/internet2/middleware/shibboleth/idp/IdPResponder.java
@@ -285,7 +285,7 @@ public class IdPResponder extends HttpServlet {
                SAMLRequest samlRequest = null;
                try {
                        try {
-                               samlRequest = binding.receive(request);
+                               samlRequest = binding.receive(request,1);
                        } catch (SAMLException e) {
                                log.fatal("Unable to parse request: " + e);
                                throw new SAMLException("Invalid request data.");

diff --git a/src/edu/internet2/middleware/shibboleth/serviceprovider/AuthenticationAssertionConsumerServlet.java b/src/edu/internet2/middleware/shibboleth/serviceprovider/AuthenticationAssertionConsumerServlet.java
index b4e75e3..b1c85ed 100644 (file)
--- a/src/edu/internet2/middleware/shibboleth/serviceprovider/AuthenticationAssertionConsumerServlet.java
+++ b/src/edu/internet2/middleware/shibboleth/serviceprovider/AuthenticationAssertionConsumerServlet.java
@@ -257,7 +257,8 @@ public class AuthenticationAssertionConsumerServlet extends HttpServlet {
                 shireURL,   // My URL (Why??) To prevent attackers from redirecting messages. 
                 SAMLBrowserProfile.PROFILE_POST,    // TODO: support both profiles 
                 context.getReplayCache(),
-                null
+                null,
+                1
         );
         
         // TODO: Audience/condition checking is now the profile caller's job.