Keep audit log intact with SIDP-497
authorscantor <scantor@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Wed, 8 Jun 2011 18:51:40 +0000 (18:51 +0000)
committerscantor <scantor@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Wed, 8 Jun 2011 18:51:40 +0000 (18:51 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@3039 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml1/AttributeQueryProfileHandler.java
src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml2/AttributeQueryProfileHandler.java

index 3ebfd70..cc01152 100644 (file)
@@ -44,6 +44,7 @@ import org.opensaml.xml.security.SecurityException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import edu.internet2.middleware.shibboleth.common.attribute.provider.BasicAttribute;
 import edu.internet2.middleware.shibboleth.common.profile.ProfileException;
 import edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext;
 import edu.internet2.middleware.shibboleth.common.relyingparty.provider.saml1.AttributeQueryConfiguration;
@@ -280,6 +281,16 @@ public class AttributeQueryProfileHandler extends AbstractSAML1ProfileHandler {
             dest.setNameIdentifier(src.getNameIdentifier());
             dest.setNameQualifier(src.getNameQualifier());
             dest.setFormat(src.getFormat());
+
+            if (dest.getNameIdentifier() != null) {
+                // TODO: this is a hack to satisfy the audit log, but we should fix the
+                // context API to handle the NameID value directly
+                BasicAttribute<String> attribute = new BasicAttribute<String>();
+                attribute.setId("outboundQueryNameIdentifier");
+                attribute.getValues().add(dest.getNameIdentifier());
+                requestContext.setNameIdentifierAttribute(attribute);
+            }
+            
             return dest;
         }
         return null;
index b3f994a..a730d07 100644 (file)
@@ -43,6 +43,7 @@ import org.opensaml.xml.security.SecurityException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import edu.internet2.middleware.shibboleth.common.attribute.provider.BasicAttribute;
 import edu.internet2.middleware.shibboleth.common.profile.ProfileException;
 import edu.internet2.middleware.shibboleth.common.profile.provider.BaseSAMLProfileRequestContext;
 import edu.internet2.middleware.shibboleth.common.relyingparty.provider.saml2.AttributeQueryConfiguration;
@@ -294,6 +295,16 @@ public class AttributeQueryProfileHandler extends AbstractSAML2ProfileHandler {
             dest.setSPNameQualifier(src.getSPNameQualifier());
             dest.setFormat(src.getFormat());
             dest.setSPProvidedID(src.getSPProvidedID());
+
+            if (dest.getValue() != null) {
+                // TODO: this is a hack to satisfy the audit log, but we should fix the
+                // context API to handle the NameID value directly
+                BasicAttribute<String> attribute = new BasicAttribute<String>();
+                attribute.setId("outboundQueryNameID");
+                attribute.getValues().add(dest.getValue());
+                requestContext.setNameIdentifierAttribute(attribute);
+            }
+
             return dest;
         }
         return null;