Pick role protocol a bit more sanely in order to keep asserting and relying party...
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 21 Jun 2007 03:03:33 +0000 (03:03 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Thu, 21 Jun 2007 03:03:33 +0000 (03:03 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2270 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/idp/profile/saml1/AttributeQueryProfileHandler.java
src/edu/internet2/middleware/shibboleth/idp/profile/saml1/ShibbolethSSOProfileHandler.java

index 1a581ea..4873913 100644 (file)
@@ -134,8 +134,9 @@ public class AttributeQueryProfileHandler extends AbstractSAML1ProfileHandler {
                 requestContext.setRelyingPartyMetadata(getMetadataProvider().getEntityDescriptor(
                         requestContext.getRelyingPartyId()));
 
+                //TODO determine protocol by message version
                 requestContext.setRelyingPartyRoleMetadata(requestContext.getRelyingPartyMetadata().getSPSSODescriptor(
-                        SAMLConstants.SAML1P_NS));
+                        SAMLConstants.SAML10P_NS));
 
                 RelyingPartyConfiguration rpConfig = getRelyingPartyConfiguration(requestContext.getRelyingPartyId());
                 requestContext.setRelyingPartyConfiguration(rpConfig);
@@ -146,7 +147,7 @@ public class AttributeQueryProfileHandler extends AbstractSAML1ProfileHandler {
                         requestContext.getAssertingPartyId()));
 
                 requestContext.setAssertingPartyRoleMetadata(requestContext.getAssertingPartyMetadata()
-                        .getAttributeAuthorityDescriptor(SAMLConstants.SAML1P_NS));
+                        .getAttributeAuthorityDescriptor(SAMLConstants.SAML10P_NS));
 
                 requestContext.setProfileConfiguration((AttributeQueryConfiguration) rpConfig
                         .getProfileConfiguration(AttributeQueryConfiguration.PROFILE_ID));
index 16504c1..bae9288 100644 (file)
@@ -288,10 +288,18 @@ public class ShibbolethSSOProfileHandler extends AbstractSAML1ProfileHandler {
             requestContext.setRelyingPartyMetadata(getMetadataProvider().getEntityDescriptor(
                     requestContext.getRelyingPartyId()));
 
+            RoleDescriptor assertingPartyRole;
             RoleDescriptor relyingPartyRole = requestContext.getRelyingPartyMetadata().getSPSSODescriptor(
                     "urn:oasis:names:tc:SAML:1.1:protocol");
+
             if (relyingPartyRole == null) {
-                requestContext.getRelyingPartyMetadata().getSPSSODescriptor("urn:oasis:names:tc:SAML:1.0:protocol");
+                relyingPartyRole = requestContext.getRelyingPartyMetadata()
+                        .getSPSSODescriptor(SAMLConstants.SAML11P_NS);
+                assertingPartyRole = requestContext.getAssertingPartyMetadata().getIDPSSODescriptor(
+                        SAMLConstants.SAML10P_NS);
+            } else {
+                assertingPartyRole = requestContext.getAssertingPartyMetadata().getIDPSSODescriptor(
+                        SAMLConstants.SAML11P_NS);
             }
             requestContext.setRelyingPartyRoleMetadata(relyingPartyRole);
 
@@ -303,12 +311,6 @@ public class ShibbolethSSOProfileHandler extends AbstractSAML1ProfileHandler {
             requestContext.setAssertingPartyMetadata(getMetadataProvider().getEntityDescriptor(
                     requestContext.getAssertingPartyId()));
 
-            RoleDescriptor assertingPartyRole = requestContext.getAssertingPartyMetadata().getIDPSSODescriptor(
-                    "urn:oasis:names:tc:SAML:1.1:protocol");
-            if (assertingPartyRole == null) {
-                assertingPartyRole = requestContext.getAssertingPartyMetadata().getIDPSSODescriptor(
-                        "urn:oasis:names:tc:SAML:1.0:protocol");
-            }
             requestContext.setAssertingPartyRoleMetadata(assertingPartyRole);
 
             requestContext.setProfileConfiguration((ShibbolethSSOConfiguration) rpConfig