Skip to content

Fingerprint check in Util class is case sensitive #232

@metalcarratt

Description

@metalcarratt

The Util#validateSignNode uses the equals method to compare the stored fingerprint with the calculated fingerprint from the signature. If someone (me) were to use the wrong case (upper case) in the properties file for the onelogin.saml2.idp.certfingerprint setting they may be confused as to why the fingerprint validation fails.

I think replacing equals with equalsIgnoreCase would easily solve this problem.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions