Attempted fix for SIDP-212, still needs to be tested
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Mon, 22 Sep 2008 07:09:23 +0000 (07:09 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Mon, 22 Sep 2008 07:09:23 +0000 (07:09 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@2766 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml1/ShibbolethSSOProfileHandler.java

index edec55d..0fe1d30 100644 (file)
@@ -397,7 +397,13 @@ public class ShibbolethSSOProfileHandler extends AbstractSAML1ProfileHandler {
 
         statement.setSubjectLocality(buildSubjectLocality(requestContext));
 
-        Subject statementSubject = buildSubject(requestContext, "urn:oasis:names:tc:SAML:1.0:cm:bearer");
+        Subject statementSubject;
+        Endpoint endpoint = selectEndpoint(requestContext);
+        if(endpoint.getBinding().equals(SAMLConstants.SAML1_ARTIFACT_BINDING_URI)){
+            statementSubject = buildSubject(requestContext, "urn:oasis:names:tc:SAML:1.0:cm:artifact");
+        }else{
+            statementSubject = buildSubject(requestContext, "urn:oasis:names:tc:SAML:1.0:cm:bearer");
+        }
         statement.setSubject(statementSubject);
 
         return statement;
@@ -406,7 +412,7 @@ public class ShibbolethSSOProfileHandler extends AbstractSAML1ProfileHandler {
     /**
      * Constructs the subject locality for the authentication statement.
      * 
-     * @param requestContext curent request context
+     * @param requestContext current request context
      * 
      * @return subject locality for the authentication statement
      */