You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bh...@apache.org on 2015/01/12 15:10:52 UTC
git commit: updated refs/heads/4.5 to 23de431
Repository: cloudstack
Updated Branches:
refs/heads/4.5 2720a1b49 -> 23de431f9
CLOUDSTACK-8037: Fix attribute detection, tested to work with onelogin.com
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/23de431f
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/23de431f
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/23de431f
Branch: refs/heads/4.5
Commit: 23de431f96e1dad8a21055ac98926c428e83c775
Parents: 2720a1b
Author: Rohit Yadav <ro...@shapeblue.com>
Authored: Mon Jan 12 18:55:52 2015 +0530
Committer: Rohit Yadav <ro...@shapeblue.com>
Committed: Mon Jan 12 19:40:05 2015 +0530
----------------------------------------------------------------------
.../command/SAML2LoginAPIAuthenticatorCmd.java | 37 +++++++++++---------
1 file changed, 21 insertions(+), 16 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/23de431f/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index 2ac1ff5..a0dcad5 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -239,22 +239,27 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements APIAuthent
}
}
- AttributeStatement attributeStatement = assertion.getAttributeStatements().get(0);
- List<Attribute> attributes = attributeStatement.getAttributes();
-
- // Try capturing standard LDAP attributes
- for (Attribute attribute: attributes) {
- String attributeName = attribute.getName();
- String attributeValue = attribute.getAttributeValues().get(0).getDOM().getTextContent();
- if (attributeName.equalsIgnoreCase("uid") && uniqueUserId == null) {
- username = attributeValue;
- uniqueUserId = SAMLUtils.createSAMLId(username);
- } else if (attributeName.equalsIgnoreCase("givenName")) {
- firstName = attributeValue;
- } else if (attributeName.equalsIgnoreCase(("sn"))) {
- lastName = attributeValue;
- } else if (attributeName.equalsIgnoreCase("mail")) {
- email = attributeValue;
+ List<AttributeStatement> attributeStatements = assertion.getAttributeStatements();
+ if (attributeStatements != null && attributeStatements.size() > 0) {
+ for (AttributeStatement attributeStatement: attributeStatements) {
+ if (attributeStatement == null) {
+ continue;
+ }
+ // Try capturing standard LDAP attributes
+ for (Attribute attribute: attributeStatement.getAttributes()) {
+ String attributeName = attribute.getName();
+ String attributeValue = attribute.getAttributeValues().get(0).getDOM().getTextContent();
+ if (attributeName.equalsIgnoreCase("uid") && uniqueUserId == null) {
+ username = attributeValue;
+ uniqueUserId = SAMLUtils.createSAMLId(username);
+ } else if (attributeName.equalsIgnoreCase("givenName")) {
+ firstName = attributeValue;
+ } else if (attributeName.equalsIgnoreCase(("sn"))) {
+ lastName = attributeValue;
+ } else if (attributeName.equalsIgnoreCase("mail")) {
+ email = attributeValue;
+ }
+ }
}
}