[2/4] cxf git commit: CXF-7039 - JAX-RS Security SAML web SSO consumer service can not validate SAML response behind reverse proxy

coheigea Tue, 06 Sep 2016 03:15:40 -0700

CXF-7039 - JAX-RS Security SAML web SSO consumer service can not validate SAML 
response behind reverse proxy


# Conflicts:
#       
rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/144271ed
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/144271ed
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/144271ed

Branch: refs/heads/3.0.x-fixes
Commit: 144271ed753b223c216e9848c3e748ff62d320e9
Parents: 67cef8f
Author: Colm O hEigeartaigh <cohei...@apache.org>
Authored: Tue Sep 6 11:03:55 2016 +0100
Committer: Colm O hEigeartaigh <cohei...@apache.org>
Committed: Tue Sep 6 11:12:39 2016 +0100

----------------------------------------------------------------------
 ...AbstractRequestAssertionConsumerHandler.java | 49 +++++++++++++++++++-
 1 file changed, 47 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/144271ed/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
----------------------------------------------------------------------
diff --git 
a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
 
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
index 16afc2a..f5c8aae 100644
--- 
a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
+++ 
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractRequestAssertionConsumerHandler.java
@@ -70,6 +70,12 @@ public abstract class 
AbstractRequestAssertionConsumerHandler extends AbstractSS
     private TokenReplayCache<String> replayCache;
 
     private MessageContext messageContext;
+<<<<<<< HEAD
+=======
+    private String applicationURL;
+    private boolean parseApplicationURLFromRelayState;
+    private String assertionConsumerServiceAddress;
+>>>>>>> dac029e... CXF-7039 - JAX-RS Security SAML web SSO consumer service 
can not validate SAML response behind reverse proxy
     
     @Context 
     public void setMessageContext(MessageContext mc) {
@@ -310,8 +316,11 @@ public abstract class 
AbstractRequestAssertionConsumerHandler extends AbstractSS
     ) {
         try {
             SAMLSSOResponseValidator ssoResponseValidator = new 
SAMLSSOResponseValidator();
-            ssoResponseValidator.setAssertionConsumerURL(
-                messageContext.getUriInfo().getAbsolutePath().toString());
+            String racsAddress = assertionConsumerServiceAddress;
+            if (racsAddress == null) {
+                racsAddress = 
messageContext.getUriInfo().getAbsolutePath().toString();
+            }
+            ssoResponseValidator.setAssertionConsumerURL(racsAddress);
 
             ssoResponseValidator.setClientAddress(
                  messageContext.getHttpServletRequest().getRemoteAddr());
@@ -353,4 +362,40 @@ public abstract class 
AbstractRequestAssertionConsumerHandler extends AbstractSS
     public void setEnforceResponseSigned(boolean enforceResponseSigned) {
         this.enforceResponseSigned = enforceResponseSigned;
     }
+<<<<<<< HEAD
+=======
+
+    public String getApplicationURL() {
+        return applicationURL;
+    }
+
+    /**
+     * Set the Application URL to forward to, for the unsolicited IdP case.
+     * @param applicationURL
+     */
+    public void setApplicationURL(String applicationURL) {
+        this.applicationURL = applicationURL;
+    }
+
+    public boolean isParseApplicationURLFromRelayState() {
+        return parseApplicationURLFromRelayState;
+    }
+
+    /**
+     * Whether to parse the application URL to forward to from the RelayState, 
for the unsolicted IdP case.
+     * @param parseApplicationURLFromRelayState
+     */
+    public void setParseApplicationURLFromRelayState(boolean 
parseApplicationURLFromRelayState) {
+        this.parseApplicationURLFromRelayState = 
parseApplicationURLFromRelayState;
+    }
+
+    public String getAssertionConsumerServiceAddress() {
+        return assertionConsumerServiceAddress;
+    }
+
+    public void setAssertionConsumerServiceAddress(String 
assertionConsumerServiceAddress) {
+        this.assertionConsumerServiceAddress = assertionConsumerServiceAddress;
+    }
+
+>>>>>>> dac029e... CXF-7039 - JAX-RS Security SAML web SSO consumer service 
can not validate SAML response behind reverse proxy
 }

[2/4] cxf git commit: CXF-7039 - JAX-RS Security SAML web SSO consumer service can not validate SAML response behind reverse proxy

Reply via email to