if (acsBinding != null && request.getAssertionConsumerServiceIndex() != null) { filterByRequestBinding = true;
if (req.getAssertionConsumerServiceIndex() != null) { domElement.setAttributeNS(null, AuthnRequest.ASSERTION_CONSUMER_SERVICE_INDEX_ATTRIB_NAME, req .getAssertionConsumerServiceIndex().toString());
if (request.getAssertionConsumerServiceIndex() != null) { log.debug("Selecting endpoint by ACS index '{}' for request '{}' from entity '{}'", new Object[] { request.getAssertionConsumerServiceIndex(), request.getID(), getEntityMetadata().getEntityID()}); endpoint = selectEndpointByACSIndex(request, (List<IndexedEndpoint>) endpoints); } else if (request.getAssertionConsumerServiceURL() != null) { if (endpoint == null && request.getAssertionConsumerServiceIndex() == null && request.getAssertionConsumerServiceURL() == null) { log.debug("No ACS index or URL given, selecting endpoint without additional constraints.");
/** * Selects the endpoint by way of the assertion consumer service index given in the AuthnRequest. * * @param request the AuthnRequest * @param endpoints list of endpoints to select from * * @return the selected endpoint */ protected Endpoint selectEndpointByACSIndex(AuthnRequest request, List<IndexedEndpoint> endpoints) { Integer acsIndex = request.getAssertionConsumerServiceIndex(); for (IndexedEndpoint endpoint : endpoints) { if (endpoint == null || !getSupportedIssuerBindings().contains(endpoint.getBinding())) { log.debug( "Endpoint '{}' with binding '{}' discarded because it requires an unsupported outbound binding.", endpoint.getLocation(), endpoint.getBinding()); continue; } if (DatatypeHelper.safeEquals(acsIndex, endpoint.getIndex())) { return endpoint; } else { log.debug("Endpoint '{}' with index '{}' discard because it does have the required index '{}'", new Object[] {endpoint.getLocation(), endpoint.getIndex(), acsIndex}); } } log.warn("Relying party '{}' requested the response to be returned to endpoint with ACS index '{}' " + "however no endpoint, with that index and using a supported binding, can be found " + " in the relying party's metadata ", getEntityMetadata().getEntityID(), acsIndex); return null; }
if (request.getAssertionConsumerServiceIndex() != null) { if (!request.getAssertionConsumerServiceIndex().equals(assertionConsumerService.getIndex())) { log.info("Response was received at a different endpoint index than was requested");