Add SPNameQualifier to returned NameIDs if present in request
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 26 Feb 2010 13:17:45 +0000 (13:17 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 26 Feb 2010 13:17:45 +0000 (13:17 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@2920 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml2/SSOProfileHandler.java

index 21b975e..5c84da8 100644 (file)
@@ -37,6 +37,7 @@ import org.opensaml.saml2.core.AuthnContextClassRef;
 import org.opensaml.saml2.core.AuthnContextDeclRef;
 import org.opensaml.saml2.core.AuthnRequest;
 import org.opensaml.saml2.core.AuthnStatement;
+import org.opensaml.saml2.core.NameID;
 import org.opensaml.saml2.core.NameIDPolicy;
 import org.opensaml.saml2.core.RequestedAuthnContext;
 import org.opensaml.saml2.core.Response;
@@ -560,6 +561,21 @@ public class SSOProfileHandler extends AbstractSAML2ProfileHandler {
 
         return subjectLocality;
     }
+    
+    /** {@inheritDoc} */
+    protected NameID buildNameId(BaseSAML2ProfileRequestContext requestContext) throws ProfileException {
+        NameID nameId = super.buildNameId(requestContext);
+        
+        AuthnRequest authnRequest = (AuthnRequest) requestContext.getInboundMessage();
+        NameIDPolicy nameIdPolicy = authnRequest.getNameIDPolicy();
+        if(nameIdPolicy != null){
+            if(!DatatypeHelper.isEmpty(nameIdPolicy.getSPNameQualifier())){
+                nameId.setSPNameQualifier(nameIdPolicy.getSPNameQualifier());
+            }
+        }
+        
+        return nameId;
+    }
 
     /**
      * Selects the appropriate endpoint for the relying party and stores it in the request context.
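Review bot: The new `buildNameId` override copies `SPNameQualifier` from the request's `NameIDPolicy` straight onto the issued `NameID` without checking that the requester is entitled to that namespace. SAML lets the qualifier name another service provider or an affiliation, so the identity provider should confirm it matches the requester's entity ID, or an affiliation the requester belongs to in metadata, before asserting it; meanwhile the identifier value is still the one `super.buildNameId` computed for the requester. A minimal guard, with `spnq` holding the policy's qualifier, would be `if (!DatatypeHelper.isEmpty(spnq) && spnq.equals(requestContext.getInboundMessageIssuer()))`, with affiliation membership handled separately if it is supported. The method also dereferences `nameId` and `authnRequest` unguarded, so if `super.buildNameId` can return null or the profile can run without an inbound `AuthnRequest` (neither is visible in this hunk), each needs a null check. The override should also carry `@Override`.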