Detect whether we are talking to a 1.1 or older target. If so, pull issuer name...
authorwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 23 Jan 2004 04:41:44 +0000 (04:41 +0000)
committerwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 23 Jan 2004 04:41:44 +0000 (04:41 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@849 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/common/ShibPOSTProfile.java

index 53dfff8..4599dd3 100755 (executable)
@@ -338,8 +338,27 @@ public class ShibPOSTProfile {
 
                String issuer;
                if (relyingParty.isLegacyProvider()) {
-                       //TODO must resolve this
-                       issuer = "fooIssuer";
+                       log.debug("Service Provider is running Shibboleth <= 1.1.  Using old style issuer.");
+
+                       if (relyingParty.getIdentityProvider().getResponseSigningCredential().getX509Certificate() == null) {
+                               throw new SAMLException("Cannot serve old style assertions without an X509 certificate");
+                       }
+
+                       String[] splitDN =
+                               relyingParty
+                                       .getIdentityProvider()
+                                       .getResponseSigningCredential()
+                                       .getX509Certificate()
+                                       .getSubjectDN()
+                                       .getName()
+                                       .split(
+                                       "([Cc][Nn]=|,)");
+                       if (splitDN != null && !(splitDN.equals(""))) {
+                               issuer = splitDN[1];
+                       } else {
+                               throw new SAMLException("Error parsing certificate DN while determining legacy issuer name.");
+                       }
+
                } else {
                        issuer = relyingParty.getProviderId();
                }