cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bhais...@apache.org
Subject [33/50] git commit: updated refs/heads/master to 97ed5ff
Date Thu, 28 Aug 2014 17:58:37 GMT
SAML2LoginAPIAuthenticatorCmd: store nameid and session index in user's session

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/b1946e8c
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/b1946e8c
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/b1946e8c

Branch: refs/heads/master
Commit: b1946e8c13a04dbf262f0ee7cf94b55453b711cc
Parents: 230e970
Author: Rohit Yadav <rohit.yadav@shapeblue.com>
Authored: Mon Aug 25 01:51:16 2014 +0200
Committer: Rohit Yadav <rohit.yadav@shapeblue.com>
Committed: Thu Aug 28 19:45:25 2014 +0200

----------------------------------------------------------------------
 .../cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java  | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/b1946e8c/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index e1d95ef..8456872 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -124,7 +124,6 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements
APIAuthent
     }
 
     public String buildAuthnRequestUrl(String idpUrl) {
-        String randomSecureId = new BigInteger(130, new SecureRandom()).toString(32);
         String spId = _samlAuthManager.getServiceProviderId();
         String consumerUrl = _samlAuthManager.getSpSingleSignOnUrl();
         String identityProviderUrl = _samlAuthManager.getIdpSingleSignOnUrl();
@@ -136,7 +135,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements
APIAuthent
         String redirectUrl = "";
         try {
             DefaultBootstrap.bootstrap();
-            AuthnRequest authnRequest = SAMLUtils.buildAuthnRequestObject(randomSecureId,
spId, identityProviderUrl, consumerUrl);
+            AuthnRequest authnRequest = SAMLUtils.buildAuthnRequestObject(spId, identityProviderUrl,
consumerUrl);
             redirectUrl = identityProviderUrl + "?SAMLRequest=" + SAMLUtils.encodeSAMLRequest(authnRequest);
         } catch (ConfigurationException | FactoryConfigurationError | MarshallingException
| IOException e) {
             s_logger.error("SAML AuthnRequest message building error: " + e.getMessage());
@@ -220,6 +219,9 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements
APIAuthent
 
                 Assertion assertion = processedSAMLResponse.getAssertions().get(0);
                 NameID nameId = assertion.getSubject().getNameID();
+                String sessionIndex = assertion.getAuthnStatements().get(0).getSessionIndex();
+                session.setAttribute(SAMLUtils.SAML_NAMEID, nameId);
+                session.setAttribute(SAMLUtils.SAML_SESSION, sessionIndex);
 
                 if (nameId.getFormat().equals(NameIDType.PERSISTENT) || nameId.getFormat().equals(NameIDType.EMAIL))
{
                     username = nameId.getValue();


Mime
View raw message