SAML2UserAuthenticator: check that request params has SAMLResponse Signed-off-by: Rohit Yadav <rohit.ya...@shapeblue.com>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/fa0d81b5 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/fa0d81b5 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/fa0d81b5 Branch: refs/heads/saml2 Commit: fa0d81b5463c29f35ecbc5b9bb62b7e02e895936 Parents: 7f8e0ff Author: Rohit Yadav <rohit.ya...@shapeblue.com> Authored: Mon Aug 25 01:57:24 2014 +0200 Committer: Rohit Yadav <rohit.ya...@shapeblue.com> Committed: Mon Aug 25 01:58:04 2014 +0200 ---------------------------------------------------------------------- .../src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fa0d81b5/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java ----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
index a4902d1..5cd9b52 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
@@ -48,8 +48,8 @@ public class SAML2UserAuthenticator extends DefaultUserAuthenticator {
 return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
 } else {
 User user = _userDao.getUser(userAccount.getId());
- // TODO: check SAMLRequest, signature etc. from requestParameters
- if (user != null && SAMLUtils.checkSAMLUserId(user.getUuid())) {
+ if (user != null && SAMLUtils.checkSAMLUserId(user.getUuid()) &&
+ requestParameters.containsKey(SAMLUtils.SAML_RESPONSE)) {
 return new Pair<Boolean, ActionOnFailedAuthentication>(true, null);
 }
 }
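Review bot: The added condition `requestParameters.containsKey(SAMLUtils.SAML_RESPONSE)` only tests that a SAMLResponse parameter is present; nothing in this hunk verifies its signature, issuer, or that its subject corresponds to `user`, yet the branch returns `true`. If the response is not validated before this authenticator is called (not visible here), parameter presence becomes the whole authentication decision for SAML-enabled accounts. The commit also deletes the TODO that tracked this; I would keep it, e.g. `// TODO: validate the SAMLResponse (signature, issuer, subject == user) before returning true`, until the check is implemented. `requestParameters` is dereferenced without a null guard in the visible lines, so `requestParameters != null &&` ahead of the `containsKey` call would be prudent unless callers guarantee it. The enclosing method starts and ends outside the hunk.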