This repository has been archived by the owner on Nov 29, 2022. It is now read-only.
In org.opensaml.saml2.binding.encoding.BaseSAML2MessageEncoder the getEndpointURL is written as
```java
protected String getEndpointURL(SAMLMessageContext messageContext) throws MessageEncodingException {
    Endpoint endpoint = messageContext.getPeerEntityEndpoint();
    if (endpoint == null) {
        throw new MessageEncodingException("Endpoint for relying party was null.");
    }
    if (messageContext.getOutboundMessage() instanceof StatusResponseType
            && !DatatypeHelper.isEmpty(endpoint.getResponseLocation())) {
        return endpoint.getResponseLocation();
    } else {
        if (DatatypeHelper.isEmpty(endpoint.getLocation())) {
            throw new MessageEncodingException("Relying party endpoint location was null or empty.");
        }
        return endpoint.getLocation();
    }
}
```
If you notice, AbstractProfileBase.sendMessage(..) above calls samlContext.setOutboundSAMLMessage(message); so the line messageContext.getOutboundMessage() in BaseSAML2MessageEncoder.getEndpointURL(..) would return null. So even for response messages (like a SAML logout response) the endpoint.getLocation() would be used as the destination and not endpoint.getResponseLocation() (this is the one to be used for response messages).
Should we not add a line
samlContext.setOutboundMessage(message);
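The behaviour reported above, reproduced as an added example that is not part of the original post or of the project's code. The `Context`, `Endpoint` and `StatusResponse` types are hypothetical stand-ins for the OpenSAML classes, and the endpoint URLs are constructed sample values.

```java
import java.util.Objects;

// Added illustration: minimal stand-ins, not OpenSAML classes.
public class EndpointSelectionDemo {
    interface StatusResponse {}                       // stands in for StatusResponseType
    static class LogoutResponse implements StatusResponse {}

    static class Endpoint {                           // stands in for the peer metadata endpoint
        final String location, responseLocation;
        Endpoint(String location, String responseLocation) {
            this.location = location;
            this.responseLocation = responseLocation;
        }
    }

    static class Context {                            // two separate slots, as the report describes
        Object outboundSAMLMessage;                   // filled by setOutboundSAMLMessage(..)
        Object outboundMessage;                       // read by getEndpointURL(..)
        Endpoint peerEndpoint;
    }

    // Same decision as the quoted getEndpointURL.
    static String endpointUrl(Context ctx) {
        Endpoint ep = Objects.requireNonNull(ctx.peerEndpoint, "Endpoint for relying party was null.");
        boolean hasResponseLocation = ep.responseLocation != null && !ep.responseLocation.isEmpty();
        // instanceof is false for null, so an unset outboundMessage always falls through.
        if (ctx.outboundMessage instanceof StatusResponse && hasResponseLocation) {
            return ep.responseLocation;
        }
        if (ep.location == null || ep.location.isEmpty()) {
            throw new IllegalStateException("Relying party endpoint location was null or empty.");
        }
        return ep.location;
    }

    public static void main(String[] args) {
        Context ctx = new Context();
        // Constructed sample endpoint values.
        ctx.peerEndpoint = new Endpoint("https://sp.example.org/slo", "https://sp.example.org/slo-response");
        LogoutResponse response = new LogoutResponse();

        ctx.outboundSAMLMessage = response;           // only the SAML-message slot is set
        System.out.println("only SAML message set:    " + endpointUrl(ctx));

        ctx.outboundMessage = response;               // the extra line proposed in the report
        System.out.println("outbound message set too: " + endpointUrl(ctx));
    }
}
```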
Mandus Elfving (Migrated from SES-7) said:
Implement support for Single Logout.
According to the thread at http://jira.springframework.org/browse/SEC-1004 Aslak Knutsen has already implemented it and could maybe be contacted for a working implementation?