Relaxing hostname checks for SAML metadata URLs
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/278525b7 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/278525b7 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/278525b7 Branch: refs/heads/master Commit: 278525b7c8257681a2a95b87c06ed63e6e3a21b5 Parents: c0c51bf Author: Francesco Chicchiriccò <ilgro...@apache.org> Authored: Tue Aug 15 07:07:03 2017 +0200 Committer: Francesco Chicchiriccò <ilgro...@apache.org> Committed: Tue Aug 15 07:07:19 2017 +0200 ---------------------------------------------------------------------- .../src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/syncope/blob/278525b7/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java ---------------------------------------------------------------------- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java index 0809020..39c7bfa 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java @@ -129,7 +129,8 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> { private static final Encryptor ENCRYPTOR = Encryptor.getInstance(); - private static final UrlValidator URL_VALIDATOR = new UrlValidator(new String[] { "http", "https" }); + private static final UrlValidator URL_VALIDATOR = new UrlValidator( + new String[] { "http", "https" }, UrlValidator.ALLOW_LOCAL_URLS); @Autowired private AccessTokenDataBinder accessTokenDataBinder;