Skip to content
Snippets Groups Projects
Commit 689289fd authored by Olav Morken's avatar Olav Morken
Browse files

SAML2: Sign the response if no assertion is present. 

It is possible to send an response without an assertion, such as in the case
of IsPassive. In those cases we don't have an assertion to sign, and we should
fall back to signing the response.


git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@693 44740490-163a-0410-bde0-09ae8108e29a
parent e4a242df
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/Bindings/SAML20/HTTPPost.php
+ 5
0
View file @ 689289fd
...@@ -107,6 +107,11 @@ class SimpleSAML_Bindings_SAML20_HTTPPost { ...@@ -107,6 +107,11 @@ class SimpleSAML_Bindings_SAML20_HTTPPost {
$signResponse = $this->configuration->getBoolean('saml20.signresponse', FALSE); $signResponse = $this->configuration->getBoolean('saml20.signresponse', FALSE);
} }
/* Check if we have an assertion to sign. Force to sign the response if not. */
if($firstassertionroot === NULL) {
$signResponse = TRUE;
}
if($signResponse) { if($signResponse) {
/* Sign the response. */ /* Sign the response. */
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment