AuthenticationMethod sent in HS SAML response is now configurable via a runtime property.
authorwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Wed, 16 Apr 2003 19:18:53 +0000 (19:18 +0000)
committerwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Wed, 16 Apr 2003 19:18:53 +0000 (19:18 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@569 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/conf/origin.properties
src/edu/internet2/middleware/shibboleth/hs/HandleServlet.java

index e75b4a0..149c7bf 100755 (executable)
@@ -17,6 +17,9 @@
 
  # [Optional] HTTP Request Header to get principal name from (defaults to REMOTE_USER)
  #edu.internet2.middleware.shibboleth.hs.HandleServlet.username = REMOTE_USER
+ # [Optional] URI identifying the authentication mechanism that is used by the HS
+ #edu.internet2.middleware.shibboleth.hs.HandleServlet.authMethod = urn:oasis:names:tc:SAML:1.0:am:password
 
 ##### Assertion Signing #####
 
index 8b0a320..64070bf 100644 (file)
@@ -75,6 +75,7 @@ import org.apache.log4j.Logger;
 import org.apache.log4j.MDC;
 import org.doomdark.uuid.UUIDGenerator;
 import org.opensaml.QName;
+import org.opensaml.SAMLAuthenticationStatement;
 import org.opensaml.SAMLAuthorityBinding;
 import org.opensaml.SAMLBinding;
 import org.opensaml.SAMLException;
@@ -98,7 +99,7 @@ public class HandleServlet extends HttpServlet {
 
                //Set defaults
                Properties defaultProps = new Properties();
-        defaultProps.setProperty("edu.internet2.middleware.shibboleth.hs.HandleServlet.username","REMOTE_USER");
+               defaultProps.setProperty("edu.internet2.middleware.shibboleth.hs.HandleServlet.username", "REMOTE_USER");
                defaultProps.setProperty(
                        "edu.internet2.middleware.shibboleth.hs.HandleRepository.implementation",
                        "edu.internet2.middleware.shibboleth.hs.provider.MemoryHandleRepository");
@@ -107,6 +108,9 @@ public class HandleServlet extends HttpServlet {
                        "edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStorePath",
                        "/conf/handle.jks");
                defaultProps.setProperty("edu.internet2.middleware.shibboleth.audiences", "urn:mace:InCommon:pilot:2003");
+               defaultProps.setProperty(
+                       "edu.internet2.middleware.shibboleth.hs.HandleServlet.authMethod",
+                       SAMLAuthenticationStatement.AuthenticationMethod_Unspecified);
 
                //Load from file
                Properties properties = new Properties(defaultProps);
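Review bot: The new `defaultProps.setProperty(...HandleServlet.authMethod...)` call has no comment saying that this value is sent verbatim as the AuthenticationMethod of the signed assertion. The last hunk passes the property to `generateAssertion()` in place of `req.getAuthType()`, so the method becomes a deployment-wide claim by the operator rather than something read from the request. `AuthenticationMethod_Unspecified` is a sensible default, but I would add a comment above the call, such as `// Asserted verbatim to relying parties; must describe how the container really authenticates users, otherwise leave Unspecified`. The sample entry in origin.properties should also state the default, as the username entry above it does. This matters more because the username can come from a configurable request header, in which case the servlet has no evidence of its own for the mechanism it vouches for. The enclosing method starts and ends outside this hunk.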
@@ -129,6 +133,7 @@ public class HandleServlet extends HttpServlet {
                                        "edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStorePassword",
                                        "edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStoreKeyAlias",
                                        "edu.internet2.middleware.shibboleth.hs.HandleServlet.keyStoreKeyPassword",
+                                       "edu.internet2.middleware.shibboleth.hs.HandleServlet.authMethod",
                                        "edu.internet2.middleware.shibboleth.audiences" };
 
                        for (int i = 0; i < requiredProperties.length; i++) {
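Review bot: Adding `...HandleServlet.authMethod` to `requiredProperties` is unlikely to catch anything. The same commit gives the key a default in `defaultProps`, and `properties` is built on those defaults, so a `getProperty()` lookup should never return null (assuming that is what the loop uses; its body is outside this hunk). What can still go wrong is an entry left blank or mistyped in origin.properties, which would put an empty or non-URI AuthenticationMethod into the assertion handed to the SHIRE. If the loop only tests for null, consider also rejecting blank values with a test of the form `value == null || value.trim().length() == 0`. It would also help to check at startup that the configured string parses as a URI, so a bad value fails at init rather than in issued assertions.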
@@ -268,14 +273,19 @@ public class HandleServlet extends HttpServlet {
 
                        req.setAttribute("shire", req.getParameter("shire"));
                        req.setAttribute("target", req.getParameter("target"));
-            
-            String header=configuration.getProperty("edu.internet2.middleware.shibboleth.hs.HandleServlet.username");
-            String username=header.equalsIgnoreCase("REMOTE_USER") ? req.getRemoteUser() : req.getHeader(header);
+
+                       String header = configuration.getProperty("edu.internet2.middleware.shibboleth.hs.HandleServlet.username");
+                       String username = header.equalsIgnoreCase("REMOTE_USER") ? req.getRemoteUser() : req.getHeader(header);
 
                        String handle = handleRepository.getHandle(new AuthNPrincipal(username));
                        log.info("Issued Handle (" + handle + ") to (" + username + ")");
 
-                       byte[] buf = generateAssertion(handle, req.getParameter("shire"), req.getRemoteAddr(), req.getAuthType());
+                       byte[] buf =
+                               generateAssertion(
+                                       handle,
+                                       req.getParameter("shire"),
+                                       req.getRemoteAddr(),
+                                       configuration.getProperty("edu.internet2.middleware.shibboleth.hs.HandleServlet.authMethod"));
 
                        createForm(req, res, buf);