You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/09/06 10:04:15 UTC
cxf git commit: CXF-7039 - JAX-RS Security SAML web SSO consumer
service can not validate SAML response behind reverse proxy
Repository: cxf
Updated Branches:
refs/heads/master e1fe28c72 -> 9247aad0c
CXF-7039 - JAX-RS Security SAML web SSO consumer service can not validate SAML response behind reverse proxy
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9247aad0
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9247aad0
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9247aad0
Branch: refs/heads/master
Commit: 9247aad0cf49619fe207559c9e4e60f1e0150e0d
Parents: e1fe28c
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Sep 6 11:03:55 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Sep 6 11:03:55 2016 +0100
----------------------------------------------------------------------
.../AbstractRequestAssertionConsumerHandler.java | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/9247aad0/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
index 0e801f3..7486313 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
@@ -72,6 +72,7 @@ public abstract class AbstractRequestAssertionConsumerHandler extends AbstractSS
private MessageContext messageContext;
private String applicationURL;
private boolean parseApplicationURLFromRelayState;
+ private String assertionConsumerServiceAddress;
@Context
public void setMessageContext(MessageContext mc) {
@@ -334,8 +335,11 @@ public abstract class AbstractRequestAssertionConsumerHandler extends AbstractSS
) {
try {
SAMLSSOResponseValidator ssoResponseValidator = new SAMLSSOResponseValidator();
- ssoResponseValidator.setAssertionConsumerURL(
- messageContext.getUriInfo().getAbsolutePath().toString());
+ String racsAddress = assertionConsumerServiceAddress;
+ if (racsAddress == null) {
+ racsAddress = messageContext.getUriInfo().getAbsolutePath().toString();
+ }
+ ssoResponseValidator.setAssertionConsumerURL(racsAddress);
ssoResponseValidator.setClientAddress(
messageContext.getHttpServletRequest().getRemoteAddr());
@@ -402,4 +406,12 @@ public abstract class AbstractRequestAssertionConsumerHandler extends AbstractSS
this.parseApplicationURLFromRelayState = parseApplicationURLFromRelayState;
}
+ public String getAssertionConsumerServiceAddress() {
+ return assertionConsumerServiceAddress;
+ }
+
+ public void setAssertionConsumerServiceAddress(String assertionConsumerServiceAddress) {
+ this.assertionConsumerServiceAddress = assertionConsumerServiceAddress;
+ }
+
}