Switch the SAML issuer to be the IDP URL as opposed to the realm
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f11cd174 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f11cd174 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f11cd174 Branch: refs/heads/1.4.x-fixes Commit: f11cd17474d21761cefa52f95f9cc2f3700b0bf2 Parents: f50c1f6 Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Aug 9 11:45:37 2017 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Aug 9 15:28:46 2017 +0100 ---------------------------------------------------------------------- .../cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f11cd174/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java ----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java
index dd0d65e..d5a13a2 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java
@@ -100,7 +100,7 @@ public class SamlResponseCreator {
 String remoteAddr, String racs) throws Exception {
 // Create an AuthenticationAssertion
 SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
- callbackHandler.setIssuer(idp.getRealm());
+ callbackHandler.setIssuer(idp.getIdpUrl().toString());
 callbackHandler.setSubject(receivedToken.getSaml2().getSubject());
 // Test Subject against received Subject (if applicable)
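Review bot: `idp.getIdpUrl().toString()` in the new `setIssuer` call dereferences the IdP URL with no null check, while the realm it replaces was passed through unchanged. Whether an Idp entry can exist without a URL is not visible here, but if it can, the assertion build fails with a bare NullPointerException instead of a configuration error. A guard before the call, e.g. `if (idp.getIdpUrl() == null) { throw new IllegalStateException("IdP URL is not configured for realm " + idp.getRealm()); }`, would make that failure explicit. The same expression is used in the `createSAMLResponse` call of the second hunk, and the enclosing method starts above this hunk and continues below it.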
@@ -154,7 +154,7 @@ public class SamlResponseCreator {
 "urn:oasis:names:tc:SAML:2.0:status:Success", null
 );
 Response response =
- SAML2PResponseComponentBuilder.createSAMLResponse(requestID, idp.getRealm(), status);
+ SAML2PResponseComponentBuilder.createSAMLResponse(requestID, idp.getIdpUrl().toString(), status);
 response.getAssertions().add(assertion);
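Review bot: The new Issuer value passed to `createSAMLResponse` is undocumented, although it changes what relying parties see on the wire. Service providers usually compare the Response and Assertion Issuer against a configured value, so ones set up with the realm will probably reject responses after this change, which lands on a fixes branch. I would add a comment above the call such as `// Issuer is the IdP URL, not the realm; it must equal the Assertion Issuer and the value SPs are configured to trust`. Building the issuer string in one place for both calls would also keep the two values from drifting apart. The enclosing method starts and ends outside the hunk.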
