Diffstat (limited to 'remote/modules')
| -rw-r--r-- | remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml | 8 | ||||
| -rwxr-xr-x | remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm | 4 |
2 files changed, 10 insertions, 2 deletions
diff --git a/remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml b/remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml
index ed456f9c..ec7f3ff8 100644
--- a/remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml
+++ b/remote/modules/pam-bwidm/data/opt/openslx/bwidm_soap.xml
@@ -1,6 +1,12 @@
 <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
 <S:Body>
- <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="https://bwlp-masterserver.ruf.uni-freiburg.de/Shibboleth.sso/SAML2/ECP" ID="_ff000aafc030c5f0000dbf634b2f0000" IssueInstant="%TIMESTAMP%" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Version="2.0">
+ <samlp:AuthnRequest
+ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ AssertionConsumerServiceURL="https://bwlp-masterserver.ruf.uni-freiburg.de/Shibboleth.sso/SAML2/ECP"
+ ID="%REQUESTID%"
+ IssueInstant="%TIMESTAMP%"
+ ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
+ Version="2.0">
 <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://bwlp-masterserver.ruf.uni-freiburg.de/shibboleth</saml:Issuer>
 <samlp:NameIDPolicy AllowCreate="1"/>
 </samlp:AuthnRequest>
diff --git a/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm b/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm
index ae62c7ee..92379719 100755
--- a/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm
+++ b/remote/modules/pam-bwidm/data/opt/openslx/scripts/pam_bwidm
@@ -138,7 +138,9 @@ if [ "x$PAM_TYPE" == "xauth" ]; then
 CT='Content-Type: application/vnd.paos+xml; charset=utf-8'
 NOW=$(date -u '+%Y-%m-%dT%H:%M:%SZ')
 HOST=$(echo "${USER_ECP_URL}" | awk -F '/' '{print $3}')
- REQUEST=$(sed "s/%TIMESTAMP%/${NOW}/g" "${SOAP_ENVELOPE}")
+ RID="_c${RANDOM}a${RANDOM}f${RANDOM}f${RANDOM}e${RANDOM}e${RANDOM}"
+ RID="${RID:0:32}"
+ REQUEST=$(sed "s/%TIMESTAMP%/${NOW}/g;s/%REQUESTID%/${RID}/g" "${SOAP_ENVELOPE}")
 NETRC=$(mktemp -p /run/)
 [ -z "$NETRC" ] && NETRC="/run/netrc_$$_${USER}_${RANDOM}.tmp"
 touch "$NETRC" |
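Review bot: The new `RID` is assembled from six `$RANDOM` reads, and `$RANDOM` is the shell's non-cryptographic generator with only 15 bits per read. The resulting AuthnRequest ID is therefore predictable and falls short of the effectively-unique identifier (on the order of 128 bits of randomness or more) that the SAML 2.0 core specification expects. Drawing it from the kernel CSPRNG fixes that and makes the `${RID:0:32}` truncation unnecessary: `RID="_$(head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n')"`. Whether the script later compares the response's `InResponseTo` against `$RID` is not visible in this hunk; without that comparison a per-request ID adds little protection against a replayed or substituted response. The enclosing `if` block starts and ends outside the hunk.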
