X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=shibsp%2Fhandler%2Fimpl%2FAssertionConsumerService.cpp;h=169636d2959f17c92010cb41cb850cf0fdf4e242;hb=cfc4254ba5dd4fc8307baf3b562fe9011282551d;hp=18ef907f886b8ad96335f39f2040f49a54ee281b;hpb=037ba9360859e0591126d351c282a78ba962ca63;p=shibboleth%2Fcpp-sp.git

diff --git a/shibsp/handler/impl/AssertionConsumerService.cpp b/shibsp/handler/impl/AssertionConsumerService.cpp
index 18ef907..169636d 100644
--- a/shibsp/handler/impl/AssertionConsumerService.cpp
+++ b/shibsp/handler/impl/AssertionConsumerService.cpp
@@ -43,6 +43,7 @@ using namespace samlconstants;
 using opensaml::saml2md::EntityDescriptor;
 using opensaml::saml2md::IDPSSODescriptor;
 using opensaml::saml2md::SPSSODescriptor;
+using opensaml::saml2md::isValidForProtocol;
 #else
 # include "lite/CommonDomainCookie.h"
 #endif
@@ -427,7 +428,7 @@ void AssertionConsumerService::extractMessageDetails(const Assertion& assertion,
         const EntityDescriptor* entity = policy.getMetadataProvider()->getEntityDescriptor(policy.getIssuer()->getName());
         if (entity) {
             m_log.debug("matched assertion issuer against metadata, searching for applicable role...");
-            const IDPSSODescriptor* idp=entity->getIDPSSODescriptor(protocol);
+            const IDPSSODescriptor* idp=find_if(entity->getIDPSSODescriptors(), isValidForProtocol(protocol));
             if (idp)
                 policy.setIssuerMetadata(idp);
             else if (m_log.isWarnEnabled())