[09/10] git commit: updated refs/heads/master to d46e459

Fri, 12 Sep 2014 08:24:18 -0700 

SAML2LoginAPIAuthenticatorCmd: Don't support HTTP artifact binding

Signed-off-by: Rohit Yadav <rohit.ya...@shapeblue.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/fecc6b6e
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/fecc6b6e
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/fecc6b6e

Branch: refs/heads/master
Commit: fecc6b6e48a623197053a66758071b86fbf3fef1
Parents: 394e613
Author: Rohit Yadav <rohit.ya...@shapeblue.com>
Authored: Fri Sep 12 16:47:40 2014 +0200
Committer: Rohit Yadav <rohit.ya...@shapeblue.com>
Committed: Fri Sep 12 16:47:40 2014 +0200

----------------------------------------------------------------------
 .../cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java  | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fecc6b6e/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
----------------------------------------------------------------------
diff --git 
a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
 
b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index 0257ecf..0f316a8 100644
--- 
a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ 
b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -162,7 +162,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd 
implements APIAuthent
     @Override
     public String authenticate(final String command, final Map<String, 
Object[]> params, final HttpSession session, final String remoteAddress, final 
String responseType, final StringBuilder auditTrailSb, final 
HttpServletResponse resp) throws ServerApiException {
         try {
-            if (!params.containsKey("SAMLResponse")) {
+            if (!params.containsKey("SAMLResponse") && 
!params.containsKey("SAMLart")) {
                 String idpUrl = null;
                 final String[] idps = 
(String[])params.get(ApiConstants.IDP_URL);
                 if (idps != null && idps.length > 0) {
@@ -171,6 +171,10 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd 
implements APIAuthent
                 String redirectUrl = this.buildAuthnRequestUrl(idpUrl);
                 resp.sendRedirect(redirectUrl);
                 return "";
+            } if (params.containsKey("SAMLart")) {
+                throw new 
ServerApiException(ApiErrorCode.UNSUPPORTED_ACTION_ERROR, 
_apiServer.getSerializedApiError(ApiErrorCode.UNSUPPORTED_ACTION_ERROR.getHttpCode(),
+                        "SAML2 HTTP Artifact Binding is not supported",
+                        params, responseType));
             } else {
                 final String samlResponse = 
((String[])params.get(SAMLUtils.SAML_RESPONSE))[0];
                 Response processedSAMLResponse = 
this.processSAMLResponse(samlResponse);

Reply via email to