  1. PicketLink
  2. PLINK-760

SAML2AuthenticationHandler#handleRequestType should check request method against HttpContext Request instance instead of AuthnRequestType


Details

    • Bug
    • Resolution: Unresolved
    • Major
    • None
    • PLINK_2.7.1.Final
    • SAML
    • None

    Description

      The fix of PLINK-700 introduces a regression in HTTP Redirect workflow use-cases (between SP and IdP) by the following change:

      SAML2AuthenticationHandler.java
      -                boolean isPost = httpContext.getRequest().getMethod().equalsIgnoreCase("POST");
      +               boolean isPost = art.getProtocolBinding().toString().equals(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get());
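
      Review bot: the `+` line takes isPost from `art.getProtocolBinding()`, a field inside the AuthnRequest, instead of from the HTTP request that delivered it, so a message that arrived by GET is handled as POST whenever it carries the HTTP-POST binding URI. In SAML the ProtocolBinding attribute names the binding the requester wants used for the Response and is optional, so it says nothing about how the request was transported, and `.toString()` is called on it here without a null check. Suggest keeping `httpContext.getRequest().getMethod()` as the source of truth for how the incoming message is treated, reading ProtocolBinding (null-checked) only where the response binding is chosen, and adding a regression test for an AuthnRequest delivered over HTTP Redirect that asks for HTTP-POST.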
      

      Even if httpContext.getRequest() has the GET HTTP method set, the handleRequestType method now assumes it is POST when the AuthnRequestType specifies urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST.


          People

            psilva@redhat.com Pedro Igor Craveiro
            istudens@redhat.com Ivo Studensky