From 67f97df00f9de386e8eb79d3f6b3819aa47119ec Mon Sep 17 00:00:00 2001
From: Rohit Yadav
Date: Fri, 12 Sep 2014 16:30:52 +0200
Subject: [PATCH] GetServiceProviderMetaDataCmd: in metadata use SP's own X509 certs
Signed-off-by: Rohit Yadav
---
 .../api/command/GetServiceProviderMetaDataCmd.java | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
index 437f4a38202..194d94f9d29 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
@@ -134,14 +134,14 @@ public class GetServiceProviderMetaDataCmd extends BaseCmd implements APIAuthent
 signKeyDescriptor.setUse(UsageType.SIGNING);
 BasicX509Credential credential = new BasicX509Credential();
- credential.setEntityCertificate(_samlAuthManager.getIdpSigningKey());
+ credential.setEntityCertificate(_samlAuthManager.getSpX509Key());
 try {
 encKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential));
 signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(credential));
- //TODO: generate own pub/priv keys
- //spSSODescriptor.getKeyDescriptors().add(encKeyDescriptor);
- //spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
- } catch (SecurityException ignored) {
+ spSSODescriptor.getKeyDescriptors().add(encKeyDescriptor);
+ spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
+ } catch (SecurityException e) {
+ s_logger.warn("Unable to add SP X509 descriptors:" + e.getMessage());
 }
 NameIDFormat nameIDFormat = new NameIDFormatBuilder().buildObject();
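Review bot: The new `catch (SecurityException e)` logs only `e.getMessage()` and then carries on, so when key-info generation fails the SP metadata is still returned without any key descriptor and an IdP importing it has no certificate to check this SP's signatures against. Pass the exception itself so the cause and stack trace are kept, `s_logger.warn("Unable to add SP X509 descriptors", e);`, and consider failing the command instead of serving incomplete metadata. `getSpX509Key()` is not visible in this hunk; if it can return null (for example before the SP key pair exists), the credential should not be built at all, e.g. guard with `if (spCert != null) { ... }` around the credential and `try` block. The same certificate is published through both `encKeyDescriptor` and `signKeyDescriptor`, which is presumably intentional but deserves a one-line comment such as `// SP uses a single key pair for both signing and encryption`. The enclosing method starts and ends outside the hunk.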