# include <xmltooling/XMLToolingConfig.h>
# include <xmltooling/io/HTTPRequest.h>
# include <xmltooling/util/DateTime.h>
+# include <xmltooling/validation/ValidatorSuite.h>
using namespace opensaml::saml2;
using namespace opensaml::saml2p;
using namespace opensaml::saml2md;
{
public:
SAML2Consumer(const DOMElement* e, const char* appId)
- : AssertionConsumerService(e, appId, Category::getInstance(SHIBSP_LOGCAT".SSO.SAML2")) {
+ : AssertionConsumerService(e, appId, Category::getInstance(SHIBSP_LOGCAT ".SSO.SAML2")) {
#ifndef SHIBSP_LITE
if (SPConfig::getConfig().isEnabled(SPConfig::OutOfProcess))
m_ssoRule.reset(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(BEARER_POLICY_RULE, e));
// With this flag on, we block unauthenticated ciphertext when decrypting,
// unless the protocol was authenticated.
- pair<bool,bool> requireAuthenticatedCipher = application.getBool("requireAuthenticatedCipher");
+ pair<bool,bool> requireAuthenticatedEncryption = application.getBool("requireAuthenticatedEncryption");
if (alreadySecured)
- requireAuthenticatedCipher.second = false;
+ requireAuthenticatedEncryption.second = false;
// With this flag on, we ignore any unsigned assertions.
const EntityDescriptor* entity = nullptr;
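Review bot: Renaming the looked-up property to `requireAuthenticatedEncryption` means a deployment that still sets `requireAuthenticatedCipher` is no longer read here. The decrypt call in the following hunk passes `requireAuthenticatedEncryption.first && requireAuthenticatedEncryption.second`, which presumably evaluates to false when the property is absent, so the check on unauthenticated ciphertext would be switched off without any diagnostic. If the old name was ever released, fall back to it when the new one is unset and log a deprecation warning, e.g. `if (!requireAuthenticatedEncryption.first) requireAuthenticatedEncryption = application.getBool("requireAuthenticatedCipher");`. The enclosing function starts and ends outside this hunk, so the `pair` semantics of `getBool` should be confirmed against its declaration.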
*cr,
application.getRelyingParty(entity)->getXMLString("entityID").second,
mcc.get(),
- requireAuthenticatedCipher.first && requireAuthenticatedCipher.second
+ requireAuthenticatedEncryption.first && requireAuthenticatedEncryption.second
)
);
decrypted = dynamic_pointer_cast<saml2::Assertion>(wrapper);
if (!decrypted->getSignature() && requireSignedAssertions.first && requireSignedAssertions.second)
throw SecurityPolicyException("The incoming assertion was unsigned, violating local security policy.");
+ // Run the schema validators against the assertion, since it was hidden by encryption.
+ SchemaValidators.validate(decrypted.get());
+
// We clear the security flag, so we can tell whether the token was secured on its own.
policy.setAuthenticated(false);
policy.reset(true);
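Review bot: `SchemaValidators.validate(decrypted.get())` and the signature test above it both use `decrypted` directly after the `dynamic_pointer_cast`, and no null test appears in the lines shown. If the decrypted payload is not a `saml2::Assertion`, the cast yields an empty pointer and `decrypted->getSignature()` dereferences it. Unless a guard exists outside the hunk, add `if (!decrypted)` handling that rejects or skips the token before the signature check. Also confirm that an exception thrown by `validate` rejects this assertion rather than being caught and logged while processing of the same token continues. A comment such as `// Fail closed: a schema-invalid decrypted assertion must not reach policy evaluation.` would record that intent.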