Skip to content
Snippets Groups Projects
Commit 65859abd authored by Olav Morken's avatar Olav Morken
Browse files

saml2/idp/SSOService: Log warning if the AssertionConsumerService in the request is invalid. 

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1831 44740490-163a-0410-bde0-09ae8108e29a
parent 96e7c25e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
www/saml2/idp/SSOService.php
+ 10
2
View file @ 65859abd
...@@ -149,8 +149,16 @@ if (isset($_REQUEST['SAMLRequest'])) { ...@@ -149,8 +149,16 @@ if (isset($_REQUEST['SAMLRequest'])) {
$spmetadata = $metadata->getMetaData($spentityid, 'saml20-sp-remote'); $spmetadata = $metadata->getMetaData($spentityid, 'saml20-sp-remote');
$consumerURL = $authnrequest->getAssertionConsumerServiceURL(); $consumerURL = $authnrequest->getAssertionConsumerServiceURL();
$consumerArray = SimpleSAML_Utilities::arrayize($spmetadata['AssertionConsumerService']); if ($consumerURL !== NULL) {
if (($consumerURL != NULL) && (array_search($consumerURL, $consumerArray) !== FALSE)) $requestcache['ConsumerURL'] = $consumerURL; $consumerArray = SimpleSAML_Utilities::arrayize($spmetadata['AssertionConsumerService']);
if (in_array($consumerURL, $consumerArray, TRUE)) {
$requestcache['ConsumerURL'] = $consumerURL;
} else {
SimpleSAML_Logger::warning('Authentication request from ' . var_export($spentityid, TRUE) .
' contains invalid AssertionConsumerService URL. Was ' .
var_export($consumerURL, TRUE) . ', could be ' . var_export($consumerArray, TRUE) . '.');
}
}
$IDPList = $authnrequest->getIDPList(); $IDPList = $authnrequest->getIDPList();
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment