- // Validate the ACS for use with this protocol.
- pair<bool,const char*> ACSbinding = ACS ? ACS->getString("Binding") : pair<bool,const char*>(false,NULL);
- if (ACSbinding.first) {
- pair<bool,const char*> compatibleBindings = getString("compatibleBindings");
- if (compatibleBindings.first && strstr(compatibleBindings.second, ACSbinding.second) == NULL) {
- m_log.info("configured or requested ACS has non-SAML 1.x binding");
- return make_pair(false,0L);
- }
- else if (strcmp(ACSbinding.second, samlconstants::SAML1_PROFILE_BROWSER_POST) &&
- strcmp(ACSbinding.second, samlconstants::SAML1_PROFILE_BROWSER_ARTIFACT)) {
- m_log.info("configured or requested ACS has non-SAML 1.x binding");
- return make_pair(false,0L);
- }
+ // If we picked by index, validate the ACS for use with this protocol.
+ if (!ACS || !XMLString::equals(samlconstants::SAML11_PROTOCOL_ENUM, ACS->getProtocolFamily())) {
+ if (ACS)
+ request.log(SPRequest::SPWarn, "invalid acsIndex property, or non-SAML 1.x ACS, using default SAML 1.x ACS");
+ ACS = app.getAssertionConsumerServiceByProtocol(getProtocolFamily());
+ if (!ACS)
+ throw ConfigurationException("Unable to locate a SAML 1.x ACS endpoint to use for response.");