You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bh...@apache.org on 2015/06/04 19:08:54 UTC
[2/2] git commit: updated refs/heads/saml-production-grade to 6dfed25
CLOUDSTACK-8457: Fail if idp has no sso URL defined
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/6dfed258
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/6dfed258
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/6dfed258
Branch: refs/heads/saml-production-grade
Commit: 6dfed2588a149c7f8d75b0862c0bc52c9a1ae8f8
Parents: bed8b65
Author: Rohit Yadav <ro...@shapeblue.com>
Authored: Thu Jun 4 19:07:51 2015 +0200
Committer: Rohit Yadav <ro...@shapeblue.com>
Committed: Thu Jun 4 19:07:51 2015 +0200
----------------------------------------------------------------------
.../cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6dfed258/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index e634220..631aed2 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -154,6 +154,12 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
"IdP ID (" + idpId + ") is not found in our list of supported IdPs, cannot proceed.",
params, responseType));
}
+ if (idpMetadata.getSsoUrl() == null || idpMetadata.getSsoUrl().isEmpty()) {
+ throw new ServerApiException(ApiErrorCode.PARAM_ERROR, _apiServer.getSerializedApiError(ApiErrorCode.PARAM_ERROR.getHttpCode(),
+ "IdP ID (" + idpId + ") has no Single Sign On URL defined please contact "
+ + idpMetadata.getContactPersonName() + " <" + idpMetadata.getContactPersonEmail() + ">, cannot proceed.",
+ params, responseType));
+ }
String authnId = SAMLUtils.generateSecureRandomId();
s_logger.debug("Sending SAMLRequest id=" + authnId);
String redirectUrl = SAMLUtils.buildAuthnRequestUrl(authnId, spMetadata, idpMetadata, SAML2AuthManager.SAMLSignatureAlgorithm.value());
@@ -196,7 +202,6 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
SAMLProviderMetadata spMetadata = _samlAuthManager.getSPMetadata();
SAMLProviderMetadata idpMetadata = _samlAuthManager.getIdPMetadata(issuer.getValue());
-
// Set IdpId for this session
session.setAttribute(SAMLPluginConstants.SAML_IDPID, issuer.getValue());