.getRelyingPartyId());
throw new AuthenticationException();
}
- Entry<String, LoginHandler> chosenLoginHandler = possibleLoginHandlers.entrySet().iterator().next();
- loginContext.setAttemptedAuthnMethod(chosenLoginHandler.getKey());
- loginHandler = chosenLoginHandler.getValue();
+
+ if (loginContext.getDefaultAuthenticationMethod() != null
+ && possibleLoginHandlers.containsKey(loginContext.getDefaultAuthenticationMethod())) {
+ loginHandler = possibleLoginHandlers.get(loginContext.getDefaultAuthenticationMethod());
+ loginContext.setAttemptedAuthnMethod(loginContext.getDefaultAuthenticationMethod());
+ } else {
+ Entry<String, LoginHandler> chosenLoginHandler = possibleLoginHandlers.entrySet().iterator().next();
+ loginContext.setAttemptedAuthnMethod(chosenLoginHandler.getKey());
+ loginHandler = chosenLoginHandler.getValue();
+ }
}
// Send the request to the login handler
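Review bot: The `else` branch silently falls back to whichever handler `possibleLoginHandlers.entrySet().iterator().next()` yields when the relying party's default method is configured but is not among the possible handlers, so the deployer gets no indication that a different method was used. Because the two profile-handler hunks in this commit no longer add the default to the requested methods, this is the only place the default is applied, and it acts as a preference rather than a constraint. If that is intended, state it in a comment such as `// default method is a preference only; fall back to any usable handler`, and log the fallback when the default is non-null (assuming this class has a logger, which is not visible in the hunk). It would also be cleaner to read the value once, `String defaultMethod = loginContext.getDefaultAuthenticationMethod();`, and test `defaultMethod != null && possibleLoginHandlers.containsKey(defaultMethod)`, which replaces four synchronized getter calls and keeps the check and the lookup on the same value. The enclosing method starts and ends outside this hunk.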
/** The session id. */
private String sessionID;
+ /** Default authentication method to use if no other method is requested. */
+ private String defaultAuthenticationMethod;
+
/** List of request authentication methods. */
private List<String> requestAuthenticationMethods;
}
/**
+ * Gets the authentication method to use if none is requested.
+ *
+ * @return authentication method to use if none is requested, may be null which indicates any method may be used
+ */
+ public synchronized String getDefaultAuthenticationMethod() {
+ return defaultAuthenticationMethod;
+ }
+
+ /**
* Returns the ID of the authenticated user.
*
* @return the ID of the user, or <code>null</code> if authentication failed.
}
/**
+ * Sets the authentication method to use if none is requested.
+ *
+ * @param method authentication method to use if none is requested, may be null which indicates any method may be
+ * used
+ */
+ public synchronized void setDefaultAuthenticationMethod(String method) {
+ defaultAuthenticationMethod = method;
+ }
+
+ /**
* Sets if authentication must be forced.
*
* @param force if the authentication manager must re-authenticate the user.
ShibbolethSSOLoginContext loginContext = requestContext.getLoginContext();
RelyingPartyConfiguration rpConfig = getRelyingPartyConfiguration(loginContext.getRelyingPartyId());
+ loginContext.setDefaultAuthenticationMethod(rpConfig.getDefaultAuthenticationMethod());
ProfileConfiguration ssoConfig = rpConfig.getProfileConfiguration(ShibbolethSSOConfiguration.PROFILE_ID);
if (ssoConfig == null) {
String msg = MessageFormatter.format("Shibboleth SSO profile is not configured for relying party '{}'", loginContext.getRelyingPartyId());
log.warn(msg);
throw new ProfileException(msg);
}
- if (loginContext.getRequestedAuthenticationMethods().size() == 0
- && rpConfig.getDefaultAuthenticationMethod() != null) {
- loginContext.getRequestedAuthenticationMethods().add(rpConfig.getDefaultAuthenticationMethod());
- }
httpRequest.setAttribute(LoginContext.LOGIN_CONTEXT_KEY, loginContext);
requestContext.getInboundSAMLMessage());
loginContext.setAuthenticationEngineURL(authenticationManagerPath);
loginContext.setProfileHandlerURL(HttpHelper.getRequestUriWithoutContext(servletRequest));
- if (loginContext.getRequestedAuthenticationMethods().size() == 0
- && rpConfig.getDefaultAuthenticationMethod() != null) {
- loginContext.getRequestedAuthenticationMethods().add(rpConfig.getDefaultAuthenticationMethod());
- }
-
+ loginContext.setDefaultAuthenticationMethod(rpConfig.getDefaultAuthenticationMethod());
+
servletRequest.setAttribute(Saml2LoginContext.LOGIN_CONTEXT_KEY, loginContext);
RequestDispatcher dispatcher = servletRequest.getRequestDispatcher(authenticationManagerPath);
dispatcher.forward(servletRequest, ((HttpServletResponseAdapter) outTransport).getWrappedResponse());