Skip to content
Snippets Groups Projects
Unverified Commit e1c32bd4 authored by m0ark's avatar m0ark Committed by GitHub
Browse files

make sure that same associationGroup is only used if both ADFS and SAML IdPs are enabled (#1565)

parent b7e26e33
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 8 additions and 6 deletions
src/SimpleSAML/IdP.php
+ 8
6
View file @ e1c32bd4
...@@ -91,12 +91,14 @@ class IdP ...@@ -91,12 +91,14 @@ class IdP
} }
$this->config = $metadata->getMetaDataConfig(substr($id, 5), 'adfs-idp-hosted'); $this->config = $metadata->getMetaDataConfig(substr($id, 5), 'adfs-idp-hosted');
try { if ($globalConfig->getBoolean('enable.saml20-idp', false)) {
// this makes the ADFS IdP use the same SP associations as the SAML 2.0 IdP try {
$saml2EntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); // this makes the ADFS IdP use the same SP associations as the SAML 2.0 IdP
$this->associationGroup = 'saml2:' . $saml2EntityId; $saml2EntityId = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
} catch (\Exception $e) { $this->associationGroup = 'saml2:' . $saml2EntityId;
// probably no SAML 2 IdP configured for this host. Ignore the error } catch (\Exception $e) {
// probably no SAML 2 IdP configured for this host. Ignore the error
}
} }
} else { } else {
throw new \Exception("Protocol not implemented."); throw new \Exception("Protocol not implemented.");
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment