From 88236da2d2d23184cbd927720127dfb6da24b363 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Wed, 25 Aug 2010 19:02:22 +0200
Subject: [PATCH] [SAMLv2] mark Redirect binding as an invalid binding for return AuthnResponse

This is really not supported by the SAMLv2 protocol.
---
 lasso/saml-2.0/login.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c
index 02113a42..80b98131 100644
--- a/lasso/saml-2.0/login.c
+++ b/lasso/saml-2.0/login.c
@@ -361,6 +361,7 @@ lasso_saml20_login_process_authn_request_msg(LassoLogin *login, const char *auth
 } else if (g_strcmp0(protocol_binding, LASSO_SAML2_METADATA_BINDING_REDIRECT) == 0) {
 login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_REDIRECT;
+ goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE);
 } else if (g_strcmp0(protocol_binding, LASSO_SAML2_METADATA_BINDING_PAOS) == 0) {
 login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP;
 } else {
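Review bot: In the Redirect branch, `login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_REDIRECT;` still runs before the added `goto_cleanup_with_rc(LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE);`, so a rejected request leaves `login` carrying the very profile the commit declares invalid. If nothing after the cleanup label reads that value, drop or reset the assignment so that a caller which ignores the return code cannot go on to build a Redirect response; if it is kept on purpose, a comment such as `/* Redirect cannot carry the AuthnResponse in SAMLv2; profile recorded for error reporting only */` would make that clear. The guard covers only the `protocol_binding` string compared here; whether a binding resolved some other way (for example from the service provider's metadata) can still select Redirect is not visible in this hunk and is worth checking. The function starts and ends outside the hunk.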