/**
 * Copies the AuthnRequestsSigned setting of the service provider's metadata into the
 * service-provider configuration object.
 *
 * <p>The value is taken from the metadata as-is: whatever {@code isAuthnRequestsSigned()}
 * reports becomes the "validate signature in requests" setting, so metadata that does not
 * declare signed AuthnRequests leaves that setting off for this service provider.
 * NOTE(review): presumably this setting decides whether signatures on incoming requests are
 * verified; confirm against the consumer of SAMLSSOServiceProviderDO.
 *
 * @param spssoDescriptor          SP role descriptor read from the metadata
 * @param samlssoServiceProviderDO configuration object that receives the setting
 */
// The excerpt ends inside the signature of the next method (setSingleLogoutServices); its body is not shown.
private void setDoValidateSignatureInRequests(SPSSODescriptor spssoDescriptor, SAMLSSOServiceProviderDO samlssoServiceProviderDO){ samlssoServiceProviderDO.setDoValidateSignatureInRequests(spssoDescriptor.isAuthnRequestsSigned()); } private void setSingleLogoutServices(SPSSODescriptor spssoDescriptor, SAMLSSOServiceProviderDO samlssoServiceProviderDO){
/**
 * Transfers the AuthnRequestsSigned setting from the service provider's metadata to the
 * service-provider configuration object.
 *
 * <p>The metadata value is applied unchanged, so an SP whose metadata does not declare signed
 * AuthnRequests ends up with the "validate signature in requests" setting switched off.
 * NOTE(review): presumably this setting controls verification of signatures on incoming
 * requests; confirm where SAMLSSOServiceProviderDO is consumed.
 *
 * @param spssoDescriptor          SP role descriptor read from the metadata
 * @param samlssoServiceProviderDO configuration object that receives the setting
 */
private void setDoValidateSignatureInRequests(
        SPSSODescriptor spssoDescriptor, SAMLSSOServiceProviderDO samlssoServiceProviderDO) {
    // Read the metadata value first, then hand it to the configuration object untouched.
    final Boolean requestsSigned = spssoDescriptor.isAuthnRequestsSigned();
    samlssoServiceProviderDO.setDoValidateSignatureInRequests(requestsSigned);
}
// Signature-required gate: when the SP's SPSSODescriptor declares AuthnRequestsSigned, an
// inbound message for which isMessageSigned() returns false is logged as an error. The rest
// of this branch is cut off in this excerpt.
// NOTE(review): `== Boolean.TRUE` is a reference comparison if isAuthnRequestsSigned() returns
// a boxed Boolean. A true value that is not the canonical Boolean.TRUE instance would skip the
// whole check, so the gate fails open for unsigned requests. `Boolean.TRUE.equals(...)`
// compares by value and is null-safe. Confirm the getter's return type.
if (spssoRole.isAuthnRequestsSigned() == Boolean.TRUE) { if (! isMessageSigned(samlMsgCtx)) { log.error("SPSSODescriptor for entity ID '{}' indicates AuthnRequests must be signed, "
/**
 * Builds the AuthnRequest for the local service provider, wraps it in an envelope with PAOS
 * and ECP header blocks, and sends it over the PAOS binding.
 *
 * <p>The request is signed only if the local SP descriptor reports AuthnRequestsSigned. No IdP
 * metadata is consulted, because the receiving IdP is not known when the message is built.
 * After sending, the request is recorded under its ID in the context's message storage, if
 * one is present. NOTE(review): presumably this lets a later response be matched to the
 * request; confirm against the response-processing code.
 *
 * @param context message context holding the local entity metadata, transports and storage
 * @param options profile options used to select the assertion consumer and build the request
 * @throws SAMLException             declared by the profile contract
 * @throws MetadataProviderException declared by the profile contract
 * @throws MessageEncodingException  declared by the profile contract
 */
@Override
public void sendAuthenticationRequest(SAMLMessageContext context, WebSSOProfileOptions options)
        throws SAMLException, MetadataProviderException, MessageEncodingException {

    final SPSSODescriptor localSp = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
    final AssertionConsumerService acs = getAssertionConsumerService(options, null, localSp);

    // The trailing null stands for the receiving IdP: with ECP it is not known in advance
    // which IdP will be contacted.
    final AuthnRequest request = getAuthnRequest(context, options, acs, null);

    context.setCommunicationProfileId(getProfileIdentifier());
    context.setOutboundMessage(getEnvelope());
    context.setOutboundSAMLMessage(request);

    SOAPHelper.addHeaderBlock(context, getPAOSRequest(acs));
    SOAPHelper.addHeaderBlock(context, getECPRequest(context, options));

    // The signing decision comes from the local SP metadata alone.
    sendMessage(context, localSp.isAuthnRequestsSigned(), SAMLConstants.SAML2_PAOS_BINDING_URI);

    ((HTTPOutTransport) context.getOutboundMessageTransport())
            .setHeader("Content-Type", "application/vnd.paos+xml");

    final SAMLMessageStorage storage = context.getMessageStorage();
    if (storage == null) {
        return;
    }
    // Record the sent request under its ID.
    storage.storeMessage(request.getID(), request);
}
// Sign the outgoing request when either side asks for it: the SP metadata declares
// AuthnRequestsSigned, or the IdP metadata declares WantAuthnRequestsSigned.
// The IdP flag is only read when the SP flag is false.
final boolean spSignsRequests = spDescriptor.isAuthnRequestsSigned();
final boolean sign = spSignsRequests || idpssoDescriptor.getWantAuthnRequestsSigned();
sendMessage(context, sign);