Skip to content
Snippets Groups Projects
Commit 29dd1d15 authored by Hans Zandbelt's avatar Hans Zandbelt
Browse files

fix: swap the order of metadata parameters in verifying signatures on incoming... 

fix: swap the order of metadata parameters in verifying signatures on incoming messages, so the correct certificate from the SP(!) metadata is used to check the signature instead of the IDP one

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2185 44740490-163a-0410-bde0-09ae8108e29a
parent 042e84fd
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
modules/saml/lib/IdP/SAML2.php
+ 1
1
View file @ 29dd1d15
......@@ -377,7 +377,7 @@ class sspmod_saml_IdP_SAML2 {
$idpMetadata = $idp->getConfig();
$spMetadata = $metadata->getMetaDataConfig($spEntityId, 'saml20-sp-remote');
sspmod_saml2_Message::validateMessage($idpMetadata, $spMetadata, $message);
sspmod_saml2_Message::validateMessage($spMetadata, $idpMetadata, $message);
if ($message instanceof SAML2_LogoutResponse) {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment