/**
 * Returns the entity ID carried by a SAML 2 Issuer element.
 *
 * <p>An Issuer without a Format attribute is accepted and treated like one whose format is
 * {@link NameIDType#ENTITY}. This method only reads the value; it does not compare it with
 * any trusted metadata, so the result is still a claim made by the message itself.
 *
 * @param issuer issuer to extract the entityID from, may be {@code null}
 *
 * @return entity ID of the issuer, or {@code null} when no issuer was supplied; callers
 *         must not treat a {@code null} result as an identified peer
 *
 * @throws MessageDecodingException thrown if the given issuer has a format other than
 *             {@link NameIDType#ENTITY}
 */
protected String extractEntityId(Issuer issuer) throws MessageDecodingException {
    // No issuer element: nothing to extract.
    if (issuer == null) {
        return null;
    }

    // A declared format must be the entity format; a missing format is let through.
    String declaredFormat = issuer.getFormat();
    if (declaredFormat != null && !declaredFormat.equals(NameIDType.ENTITY)) {
        throw new MessageDecodingException("SAML 2 Issuer is not of ENTITY format type");
    }

    return issuer.getValue();
}
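/**
 * Verifies that an issuer has the entity format and names the expected peer entity.
 *
 * <p>The check fails closed: a missing issuer, or a context without a peer entity ID to
 * compare against, is rejected with a {@link SAMLException} instead of surfacing as a
 * {@link NullPointerException} that a caller might handle differently from a validation
 * failure.
 *
 * @param issuer issuer element taken from the received message or assertion
 * @param context message context whose peer entity metadata holds the expected entity ID
 *
 * @throws SAMLException if the issuer is missing, declares a format other than
 *             {@link NameIDType#ENTITY}, or its value differs from the peer entity ID
 */
protected void verifyIssuer(Issuer issuer, BasicSAMLMessageContext context) throws SAMLException {
    // Whether callers already filter out a null issuer is not visible here, so reject it.
    if (issuer == null) {
        throw new SAMLException("SAML Assertion is invalid");
    }

    // Validate format of issuer; an absent Format attribute is accepted.
    String format = issuer.getFormat();
    if (format != null && !NameIDType.ENTITY.equals(format)) {
        // NOTE(review): the format comes from the received message and is written to stdout
        // unescaped. Route this through the class's logger and neutralize line breaks so a
        // crafted value cannot forge log lines.
        System.out.println("Assertion invalidated by issuer type" + format);
        throw new SAMLException("SAML Assertion is invalid");
    }

    // Without a trusted peer entity ID there is nothing to compare against: reject.
    if (context.getPeerEntityMetadata() == null
            || context.getPeerEntityMetadata().getEntityID() == null) {
        throw new SAMLException("SAML Assertion is invalid");
    }

    // Validate that issuer is expected peer entity
    if (!context.getPeerEntityMetadata().getEntityID().equals(issuer.getValue())) {
        // NOTE(review): same concern as above, the issuer value is message-controlled.
        System.out.println("Assertion invalidated by unexpected issuer value" + issuer.getValue());
        throw new SAMLException("SAML Assertion is invalid");
    }
}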
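/**
 * Verifies that an issuer has the entity format and names the expected peer entity.
 *
 * <p>The check fails closed: a missing issuer, or a context without a peer entity ID to
 * compare against, is reported as a {@link SAMLException} rather than escaping as a
 * {@link NullPointerException}.
 *
 * <p>The exception messages embed the Format and value received in the message. Code that
 * logs them or returns them to the requester should encode them first.
 *
 * @param issuer issuer element taken from the received message or assertion
 * @param context message context whose peer entity metadata holds the expected entity ID
 *
 * @throws SAMLException if the issuer is missing, declares a format other than
 *             {@link NameIDType#ENTITY}, or its value differs from the peer entity ID
 */
protected void verifyIssuer(Issuer issuer, SAMLMessageContext context) throws SAMLException {
    // Whether callers already filter out a null issuer is not visible here, so reject it.
    if (issuer == null) {
        throw new SAMLException("Issuer invalidated by missing issuer element");
    }

    // Validate format of issuer; an absent Format attribute is accepted.
    String format = issuer.getFormat();
    if (format != null && !NameIDType.ENTITY.equals(format)) {
        throw new SAMLException("Issuer invalidated by issuer type " + format);
    }

    // Without a trusted peer entity ID there is nothing to compare against: reject.
    if (context.getPeerEntityMetadata() == null
            || context.getPeerEntityMetadata().getEntityID() == null) {
        throw new SAMLException("Issuer invalidated by missing peer entity metadata");
    }

    // Validate that issuer is expected peer entity
    if (!context.getPeerEntityMetadata().getEntityID().equals(issuer.getValue())) {
        throw new SAMLException("Issuer invalidated by issuer value " + issuer.getValue());
    }
}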
if ((StringUtils.isNotBlank(issuer.getFormat())) && !(issuer.getFormat().equals(SAMLSSOConstants.Attribute.ISSUER_FORMAT))) { validationResponse.setValid(false); String errorResp = SAMLSSOUtil.buildErrorResponse( authnReq.getAssertionConsumerServiceURL()); if (log.isDebugEnabled()) { log.debug("Invalid Issuer Format attribute value " + issuer.getFormat());
if (StringUtils.isNotBlank(issuer.getFormat()) && !NameID.ENTITY.equals(issuer.getFormat())) { SAML2SSORequestValidationException ex = new SAML2SSORequestValidationException(StatusCode.REQUESTER_URI, "Invalid Issuer Format attribute value " + issuer .getFormat()); ex.setInResponseTo(saml2SSOContext.getId()); ex.setAcsUrl(saml2SSOContext.getAssertionConsumerURL());