https://bugs.internet2.edu/jira/browse/SIDP-362

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@2906 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

diff --git a/doc/RELEASE-NOTES.txt b/doc/RELEASE-NOTES.txt
index 60a3d59..cb515fa 100644 (file)
--- a/doc/RELEASE-NOTES.txt
+++ b/doc/RELEASE-NOTES.txt
@@ -1,3 +1,8 @@
+Changes in Release 2.2.0
+=============================================
+[SIDP-362] - Only log exception message without stack trace for expired SAML messages
+
+
 Changes in Release 2.1.5
 =============================================
 [SIDP-353] - Default login.jsp crashes on anonymous RPs

diff --git a/src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml1/ShibbolethSSOProfileHandler.java b/src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml1/ShibbolethSSOProfileHandler.java
index fdb3288..a9fdb21 100644 (file)
--- a/src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml1/ShibbolethSSOProfileHandler.java
+++ b/src/main/java/edu/internet2/middleware/shibboleth/idp/profile/saml1/ShibbolethSSOProfileHandler.java
@@ -212,8 +212,8 @@ public class ShibbolethSSOProfileHandler extends AbstractSAML1ProfileHandler {
             log.warn(msg, e);
             throw new ProfileException(msg, e);
         } catch (SecurityException e) {
-            String msg = "Shibboleth SSO request does not meet security requirements";
-            log.warn(msg, e);
+            String msg = "Shibboleth SSO request does not meet security requirements: " + e.getMessage();
+            log.warn(msg);
             throw new ProfileException("msg", e);
         }