etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SAML2UserAuthenticator: check that request params has SAMLResponse 

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This commit is contained in:
Rohit Yadav 2014-08-25 01:57:24 +02:00
parent 7ee4176c7a
commit ad13d3d747
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
plugins/user-authenticators/saml2/src/org/apache/cloudstack/saml/SAML2UserAuthenticator.java
View File

@ -48,8 +48,8 @@ public class SAML2UserAuthenticator extends DefaultUserAuthenticator {
return new Pair<Boolean, ActionOnFailedAuthentication>(false, null);
} else {
User user = _userDao.getUser(userAccount.getId());
// TODO: check SAMLRequest, signature etc. from requestParameters
if (user != null && SAMLUtils.checkSAMLUserId(user.getUuid())) {
if (user != null && SAMLUtils.checkSAMLUserId(user.getUuid()) &&
requestParameters.containsKey(SAMLUtils.SAML_RESPONSE)) {
return new Pair<Boolean, ActionOnFailedAuthentication>(true, null);
}
}