You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2019/11/07 17:26:03 UTC
[cxf] 01/02: Make sure we're getting the Session NotOnOrAfter from
the right assertion
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit b3b99e136ef8d59fa445770b427e3bc0f7cf3e83
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Thu Nov 7 17:10:38 2019 +0000
Make sure we're getting the Session NotOnOrAfter from the right assertion
(cherry picked from commit 67d670b34919dd2f64255505fcf9b3d222b56e7e)
(cherry picked from commit 82ba7e90c8b526911639052d3b7563b3fa5139eb)
# Conflicts:
# rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java
---
.../apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java | 2 ++
.../cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java | 7 ++++++-
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
index 0dd37e1..2d15037 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
@@ -124,6 +124,8 @@ public class SAMLSSOResponseValidator {
if (subjectConf != null) {
validateAudienceRestrictionCondition(assertion.getConditions());
validAssertion = assertion;
+ sessionNotOnOrAfter = null;
+
// Store Session NotOnOrAfter
for (AuthnStatement authnStatment : assertion.getAuthnStatements()) {
if (authnStatment.getSessionNotOnOrAfter() != null) {
diff --git a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java
index 9a9b44b..30fed1a 100644
--- a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java
+++ b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidatorTest.java
@@ -82,7 +82,12 @@ public class SAMLSSOResponseValidatorTest extends org.junit.Assert {
validator.setClientAddress("http://apache.org");
validator.setRequestId("12345");
validator.setSpIdentifier("http://service.apache.org");
- validator.validateSamlResponse(response, false);
+
+ SSOValidatorResponse validateSamlResponse = validator.validateSamlResponse(response, false);
+ assertEquals(response.getID(), validateSamlResponse.getResponseId());
+ assertNotNull(validateSamlResponse.getAssertionElement());
+ assertNotNull(validateSamlResponse.getCreated());
+ assertNotNull(validateSamlResponse.getSessionNotOnOrAfter());
}
@org.junit.Test