GetServiceProviderMetaDataCmd: in metadata use SP's own X509 certs Signed-off-by: Rohit Yadav <[email protected]>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/67f97df0 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/67f97df0 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/67f97df0 Branch: refs/heads/master Commit: 67f97df00f9de386e8eb79d3f6b3819aa47119ec Parents: 5e947e2 Author: Rohit Yadav <[email protected]> Authored: Fri Sep 12 16:30:52 2014 +0200 Committer: Rohit Yadav <[email protected]> Committed: Fri Sep 12 16:30:52 2014 +0200 ---------------------------------------------------------------------- .../api/command/GetServiceProviderMetaDataCmd.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/67f97df0/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java index 437f4a3..194d94f 100644 --- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java +++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java @@ -134,14 +134,14 @@ public class GetServiceProviderMetaDataCmd extends BaseCmd implements APIAuthent signKeyDescriptor.setUse(UsageType.SIGNING); BasicX509Credential credential = new BasicX509Credential(); - credential.setEntityCertificate(_samlAuthManager.getIdpSigningKey()); + credential.setEntityCertificate(_samlAuthManager.getSpX509Key()); try { encKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential)); signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential)); - //TODO: generate own pub/priv keys - //spSSODescriptor.getKeyDescriptors().add(encKeyDescriptor); - //spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor); - } catch (SecurityException ignored) { + spSSODescriptor.getKeyDescriptors().add(encKeyDescriptor); + spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor); + } catch (SecurityException e) { + s_logger.warn("Unable to add SP X509 descriptors:" + e.getMessage()); } NameIDFormat nameIDFormat = new NameIDFormatBuilder().buildObject();
