Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id DF77E19C39 for ; Thu, 24 Mar 2016 17:50:05 +0000 (UTC) Received: (qmail 78005 invoked by uid 500); 24 Mar 2016 17:50:05 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 77931 invoked by uid 500); 24 Mar 2016 17:50:05 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 77922 invoked by uid 99); 24 Mar 2016 17:50:05 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 Mar 2016 17:50:05 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 7A6DBDFC6E; Thu, 24 Mar 2016 17:50:05 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: coheigea@apache.org To: commits@cxf.apache.org Date: Thu, 24 Mar 2016 17:50:05 -0000 Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: [1/2] cxf-fediz git commit: Ensure the AuthnRequest has an Issuer Repository: cxf-fediz Updated Branches: refs/heads/master abec978fc -> 10ca19558 Ensure the AuthnRequest has an Issuer Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/0f2067ab Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/0f2067ab Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/0f2067ab Branch: refs/heads/master Commit: 0f2067abf24d98c07e1a2b2aedfe17aaea041e84 Parents: abec978 Author: Colm O hEigeartaigh Authored: Thu Mar 24 17:26:58 2016 +0000 Committer: Colm O hEigeartaigh Committed: Thu Mar 24 17:26:58 2016 +0000 ---------------------------------------------------------------------- .../cxf/fediz/service/idp/samlsso/AuthnRequestValidator.java | 5 +++++ 1 file changed, 5 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/0f2067ab/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/samlsso/AuthnRequestValidator.java ---------------------------------------------------------------------- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/samlsso/AuthnRequestValidator.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/samlsso/AuthnRequestValidator.java index 82f3c66..c32e467 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/samlsso/AuthnRequestValidator.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/samlsso/AuthnRequestValidator.java @@ -98,6 +98,11 @@ public class AuthnRequestValidator { LOG.debug("No signature is present, therefore the request is rejected"); throw new ProcessingException(TYPE.BAD_REQUEST); } + + if (authnRequest.getIssuer() == null) { + LOG.debug("No Issuer is present in the AuthnRequest"); + throw new ProcessingException(TYPE.BAD_REQUEST); + } } private void checkDestination(RequestContext context, AuthnRequest authnRequest) throws ProcessingException {