Small bug fix. Was checking for the SAML 1.1 URI instead of the SAML 1.0 URI.
authorwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Mon, 9 May 2005 20:22:27 +0000 (20:22 +0000)
committerwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Mon, 9 May 2005 20:22:27 +0000 (20:22 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@1456 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/idp/provider/E_AuthSSOHandler.java

index f06523e..3819ec6 100644 (file)
@@ -74,6 +74,7 @@ import edu.internet2.middleware.shibboleth.metadata.SPSSODescriptor;
 public class E_AuthSSOHandler extends SSOHandler implements IdPProtocolHandler {
 
        private static Logger log = Logger.getLogger(E_AuthSSOHandler.class.getName());
+       private final static String E_AUTH_NAMEID = "urn:oasis:names:tc:SAML:1.0:assertion#X509SubjectName";
        private String eAuthPortal = "http://eauth.firstgov.gov/service/select";
        private String eAuthError = "http://eauth.firstgov.gov/service/error";
        private String csid;
@@ -215,9 +216,9 @@ public class E_AuthSSOHandler extends SSOHandler implements IdPProtocolHandler {
                try {
                        nameId = support.getNameMapper().getNameIdentifierName(relyingParty.getHSNameFormatId(), principal,
                                        relyingParty, relyingParty.getIdentityProvider());
-                       if (!nameId.getFormat().equals(SAMLNameIdentifier.FORMAT_X509)) {
+                       if (!nameId.getFormat().equals(E_AUTH_NAMEID)) {
                                log.error("SAML Name Identifier format is inappropriate for use with E-Authentication provider.  Was ("
-                                               + nameId.getFormat() + ").  Expected (" + SAMLNameIdentifier.FORMAT_X509 + ").");
+                                               + nameId.getFormat() + ").  Expected (" + E_AUTH_NAMEID + ").");
                                eAuthError(response, 60, remoteProviderId, csid);
                                return null;
                        }