entrouvert
/
lasso
16
0
Fork 0
Code Issues Pull Requests Releases Activity

keep NameIdPolicy/Format in login->nameIDPolicy, as in ID-FF 1.2; use it not to 

look for federations when transient is requested.
This commit is contained in:
Frédéric Péters 2008-02-25 13:01:34 +00:00
parent 1b76f08b7a
commit 24c7d38abc
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lasso/saml-2.0/login.c
View File

@ -538,6 +538,11 @@ lasso_saml20_login_process_federation(LassoLogin *login, gboolean is_consent_obt
name_id_policy_format = LASSO_SAML2_NAME_IDENTIFIER_FORMAT_PERSISTENT;
}
if (login->nameIDPolicy) {
g_free(login->nameIDPolicy);
}
login->nameIDPolicy = g_strdup(name_id_policy_format);
if (name_id_policy_format && strcmp(name_id_policy_format,
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT) == 0) {
return 0;
@ -730,7 +735,8 @@ lasso_saml20_login_build_assertion(LassoLogin *login,
provider = g_hash_table_lookup(profile->server->providers, profile->remote_providerID);
if (profile->identity) {
if (profile->identity && strcmp(login->nameIDPolicy,
LASSO_SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT) != 0) {
char *name_id_sp_name_qualifier;
if (provider->private_data->affiliation_id) {
name_id_sp_name_qualifier = provider->private_data->affiliation_id;