GetServiceProviderMetaDataCmd: in metadata use SP's own X509 certs

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2014-09-12 16:30:52 +02:00 · 2014-09-12 16:30:52 +02:00 · 67f97df00f
parent 5e947e2b24
commit 67f97df00f
1 changed files with 5 additions and 5 deletions
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
@ -134,14 +134,14 @@ public class GetServiceProviderMetaDataCmd extends BaseCmd implements APIAuthent
        signKeyDescriptor.setUse(UsageType.SIGNING);

        BasicX509Credential credential = new BasicX509Credential();
-        credential.setEntityCertificate(_samlAuthManager.getIdpSigningKey());
+        credential.setEntityCertificate(_samlAuthManager.getSpX509Key());
        try {
            encKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential));
            signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential));
-            //TODO: generate own pub/priv keys
-            //spSSODescriptor.getKeyDescriptors().add(encKeyDescriptor);
-            //spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
-        } catch (SecurityException ignored) {
+            spSSODescriptor.getKeyDescriptors().add(encKeyDescriptor);
+            spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
+        } catch (SecurityException e) {
+            s_logger.warn("Unable to add SP X509 descriptors:" + e.getMessage());
        }

        NameIDFormat nameIDFormat = new NameIDFormatBuilder().buildObject();