From 5cdbb8b9ae9ba42aa73d7963dacc4f4a46ba6687 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 27 Jul 2017 13:50:41 +0200
Subject: Request headers again; IdP request MUST be Content-Type: text/xml apparently
---
 src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java | 13 ++++++++-----
 .../java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java | 6 +++---
 2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java
index 3d9d801..60833a1 100644
--- a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java
+++ b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java
@@ -51,8 +51,8 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 logger.info("Sending initial SP Request");
 HttpGet httpGet = new HttpGet(authInfo.getSpUrl().toString());
- httpGet.setHeader("Accept", "text/html; application/vnd.paos+xml");
- httpGet.setHeader("PAOS", "ver='urn:liberty:paos:2003-08';'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'");
+ httpGet.setHeader("Accept", "text/html, application/vnd.paos+xml");
+ httpGet.setHeader("PAOS", "ver=\"urn:liberty:paos:2003-08\";\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"");
 HttpResponse httpResponse;
 String responseBody;
@@ -119,7 +119,7 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 logger.info("Sending Assertion to SP");
 HttpPost httpPost = new HttpPost(assertionConsumerUrl);
 httpPost.setHeader("Content-Type", "application/vnd.paos+xml");
- httpPost.setHeader("PAOS", "ver='urn:liberty:paos:2003-08';'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'");
+ //httpPost.setHeader("PAOS", "ver=\"urn:liberty:paos:2003-08\";\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"");
 try {
 httpPost.setEntity(new StringEntity(documentToString(idpResponse)));
 httpResponse = client.execute(httpPost);
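Review bot: The PAOS header on the assertion POST (hunk at -119) is switched off by commenting it out, with nothing in the code saying why; the ECPAuthenticatorBase hunk does the same to its Accept and PAOS lines and keeps the old single-quoted PAOS value inside the comment. Either delete the dead lines or record the reason beside them, for example `// PAOS header deliberately not sent on this request: <reason>`, so that a later reader does not restore a header that the peer presumably rejects. The PAOS value is now spelled in three places across the two files with two different quoting styles, so a single constant on the base class would keep them from drifting again. The enclosing method starts and ends outside the hunk.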
@@ -145,6 +145,7 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 private String getStatusCode(Document idpResponse) {
 NodeList nl;
+ String result = null;
 try {
 nl = (NodeList) queryDocument(idpResponse, "//*", XPathConstants.NODESET);
 } catch (XPathException e) {
@@ -161,8 +162,10 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 Node val = ns.getAttributes().getNamedItem("Value");
 if (val == null)
 continue;
- return val.getNodeValue();
+ if (result == null || result.endsWith(":Responder")) {
+ result = val.getNodeValue();
+ }
 }
- return null;
+ return result;
 }
 }
diff --git a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java
index 0607281..048f1c7 100644
--- a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java
+++ b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java
@@ -78,9 +78,9 @@ public abstract class ECPAuthenticatorBase extends Observable {
 try {
 httpPost.setEntity(new StringEntity(documentToString(idpRequest)));
- httpPost.setHeader("Accept", "text/html; application/vnd.paos+xml");
- httpPost.setHeader("PAOS", "ver='urn:liberty:paos:2003-08';'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'");
- httpPost.setHeader("Content-Type", "application/vnd.paos+xml");
+ //httpPost.setHeader("Accept", "text/xml, text/html, application/vnd.paos+xml, application/soap+xml, text/xml, */*;q=0.1");
+ //httpPost.setHeader("PAOS", "ver='urn:liberty:paos:2003-08';'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'");
+ httpPost.setHeader("Content-Type", "text/xml; charset=utf-8");
 httpResponse = client.execute(httpPost);
 if (httpResponse.getStatusLine().getStatusCode() == HttpStatus.SC_UNAUTHORIZED) {
-- 
cgit v1.2.3-55-g7522
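Review bot: The new test `result.endsWith(":Responder")` in getStatusCode (hunk at -161) accepts any IdP-supplied value with that suffix and changes which status the method reports, yet nothing documents the rule. Compare against the full SAML URN instead, `if (result == null || "urn:oasis:names:tc:SAML:2.0:status:Responder".equals(result)) {`, and add a Javadoc sentence stating that the first StatusCode value is returned unless it is the top-level Responder code, in which case a later (presumably nested) StatusCode replaces it. A top-level Requester or VersionMismatch code with a nested sub-status is not handled the same way, which looks unintended. The value comes from the document-wide `//*` scan visible in the previous hunk and the element filter sits outside both hunks, so callers should treat anything other than an exact match on the Success URN as failure.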
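Review bot: The added `Content-Type: text/xml; charset=utf-8` header in ECPAuthenticatorBase declares an encoding the body may not have, because the entity two lines above is still built with `new StringEntity(documentToString(idpRequest))`. With what appears to be Apache HttpClient 4.x, the one-argument constructor encodes as ISO-8859-1 (the library version is not visible here, so confirm), and an explicitly set Content-Type header is not corrected from the entity. Any non-ASCII character in the SOAP request would then be sent in a different encoding than the one declared, which an XML parser on the IdP side may reject or misread. Pass the charset when building the entity, `httpPost.setEntity(new StringEntity(documentToString(idpRequest), "UTF-8"));`. The try block continues past the end of the hunk.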