Probably don't want to return an attribute statement with a failed authentication
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Sat, 12 Jan 2008 09:37:06 +0000 (09:37 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Sat, 12 Jan 2008 09:37:06 +0000 (09:37 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2569 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/idp/profile/saml1/ShibbolethSSOProfileHandler.java
src/edu/internet2/middleware/shibboleth/idp/profile/saml2/SSOProfileHandler.java

index c1b2e55..9b1244b 100644 (file)
@@ -236,6 +236,7 @@ public class ShibbolethSSOProfileHandler extends AbstractSAML1ProfileHandler {
                 log.error("User authentication failed with the following error: {}", loginContext
                         .getAuthenticationFailure().toString());
                 requestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER, null, "User failed authentication"));
+                throw new ProfileException("Authentication failure", loginContext.getAuthenticationFailure());
             }
 
             resolveAttributes(requestContext);
index 5d1a2ab..4c7ff7f 100644 (file)
@@ -219,6 +219,7 @@ public class SSOProfileHandler extends AbstractSAML2ProfileHandler {
                     requestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER_URI, StatusCode.AUTHN_FAILED_URI,
                             null));
                 }
+                throw new ProfileException("Authentication failure", loginContext.getAuthenticationFailure());
             }
 
             if (requestContext.getSubjectNameIdentifier() != null) {