cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject [06/37] cxf git commit: CXF-7039 - JAX-RS Security SAML web SSO consumer service can not validate SAML response behind reverse proxy
Date Sat, 10 Sep 2016 14:41:14 GMT
CXF-7039 - JAX-RS Security SAML web SSO consumer service can not validate SAML response behind
reverse proxy


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9247aad0
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9247aad0
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9247aad0

Branch: refs/heads/master-jaxrs-2.1
Commit: 9247aad0cf49619fe207559c9e4e60f1e0150e0d
Parents: e1fe28c
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Sep 6 11:03:55 2016 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Sep 6 11:03:55 2016 +0100

----------------------------------------------------------------------
 .../AbstractRequestAssertionConsumerHandler.java    | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/9247aad0/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
index 0e801f3..7486313 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
@@ -72,6 +72,7 @@ public abstract class AbstractRequestAssertionConsumerHandler extends AbstractSS
     private MessageContext messageContext;
     private String applicationURL;
     private boolean parseApplicationURLFromRelayState;
+    private String assertionConsumerServiceAddress;
     
     @Context 
     public void setMessageContext(MessageContext mc) {
@@ -334,8 +335,11 @@ public abstract class AbstractRequestAssertionConsumerHandler extends
AbstractSS
     ) {
         try {
             SAMLSSOResponseValidator ssoResponseValidator = new SAMLSSOResponseValidator();
-            ssoResponseValidator.setAssertionConsumerURL(
-                messageContext.getUriInfo().getAbsolutePath().toString());
+            String racsAddress = assertionConsumerServiceAddress;
+            if (racsAddress == null) {
+                racsAddress = messageContext.getUriInfo().getAbsolutePath().toString();
+            }
+            ssoResponseValidator.setAssertionConsumerURL(racsAddress);
 
             ssoResponseValidator.setClientAddress(
                  messageContext.getHttpServletRequest().getRemoteAddr());
@@ -402,4 +406,12 @@ public abstract class AbstractRequestAssertionConsumerHandler extends
AbstractSS
         this.parseApplicationURLFromRelayState = parseApplicationURLFromRelayState;
     }
 
+    public String getAssertionConsumerServiceAddress() {
+        return assertionConsumerServiceAddress;
+    }
+
+    public void setAssertionConsumerServiceAddress(String assertionConsumerServiceAddress)
{
+        this.assertionConsumerServiceAddress = assertionConsumerServiceAddress;
+    }
+
 }


Mime
View raw message