redo fix for handling passive authentication.

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2521 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

diff --git a/src/edu/internet2/middleware/shibboleth/idp/profile/saml2/SSOProfileHandler.java b/src/edu/internet2/middleware/shibboleth/idp/profile/saml2/SSOProfileHandler.java
index 6cd3d09..904540a 100644 (file)
--- a/src/edu/internet2/middleware/shibboleth/idp/profile/saml2/SSOProfileHandler.java
+++ b/src/edu/internet2/middleware/shibboleth/idp/profile/saml2/SSOProfileHandler.java
@@ -220,8 +220,13 @@ public class SSOProfileHandler extends AbstractSAML2ProfileHandler {
         try {
             if (loginContext.getPrincipalName() == null) {
                 log.error("User's login context did not contain a principal, user considered unauthenticiated.");
-                requestContext
+                if (loginContext.getPassiveAuth()) {
+                    requestContext
+                        .setFailureStatus(buildStatus(StatusCode.RESPONDER_URI, StatusCode.NO_PASSIVE_URI, null));
+                } else {
+                    requestContext
                         .setFailureStatus(buildStatus(StatusCode.RESPONDER_URI, StatusCode.AUTHN_FAILED_URI, null));
+                }
                 throw new ProfileException("User failed authentication");
             }