Don't dereference expired artifacts.

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@1309 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

diff --git a/src/edu/internet2/middleware/shibboleth/idp/provider/SAMLv1_1ArtifactQueryHandler.java b/src/edu/internet2/middleware/shibboleth/idp/provider/SAMLv1_1ArtifactQueryHandler.java
index b9c1c2f..e90b8f2 100644 (file)
--- a/src/edu/internet2/middleware/shibboleth/idp/provider/SAMLv1_1ArtifactQueryHandler.java
+++ b/src/edu/internet2/middleware/shibboleth/idp/provider/SAMLv1_1ArtifactQueryHandler.java
@@ -105,15 +105,18 @@ public class SAMLv1_1ArtifactQueryHandler extends BaseServiceHandler implements
                // for transaction log
                StringBuffer dereferencedArtifacts = new StringBuffer();
 
-               // TODO make sure we don't work on artifacts that are expired
-
                while (artifacts.hasNext()) {
                        queriedArtifacts++;
                        Artifact artifact = (Artifact) artifacts.next();
                        log.info("Dereferencing artifact: (" + artifact.toString() + ").");
                        ArtifactMapping mapping = support.getArtifactMapper().recoverAssertion(artifact);
+
                        if (mapping == null) {
                                log.info("Could not map artifact to a SAML Assertion.");
+
+                       } else if (mapping.isExpired()) {
+                               log.error("Artifact is expired.  Skipping...");
+
                        } else {
                                SAMLAssertion assertion = mapping.getAssertion();
                                // See if we have metadata for this provider