mod_auth_mellon/acs-warning.patch

34 lines
1.5 KiB
Diff
Raw Normal View History

commit 5ba9bb72707a90503cd4d042083ea074a0cb6b8a
Author: John Dennis <jdennis@redhat.com>
Date: Fri Oct 30 15:46:33 2015 -0400
Role maybe unknown when assertion consumer url is looked up
Replace the call to lasso_provider_get_metadata_one() with
lasso_provider_get_metadata_one_for_role() so that we can exlicitly
pass the LASSO_PROVIDER_ROLE_SP role. The former call obtains the
role from the provider object and then calls
lasso_provider_get_metadata_one_for_role() using that role. However
the role will not have been set in the provider until the first request is
processed. This means the first time we call this routine it won't
work correctly because the role will not have been set yet, by
explicitly passing the role we avoid this problem.
Signed-off-by: John Dennis <jdennis@redhat.com>
diff --git a/auth_mellon_util.c b/auth_mellon_util.c
index 155bb1a..6c694b7 100644
--- a/auth_mellon_util.c
+++ b/auth_mellon_util.c
@@ -1827,7 +1827,9 @@ char *am_get_assertion_consumer_service_by_binding(LassoProvider *provider, cons
}
if (selected_descriptor) {
- url = lasso_provider_get_metadata_one(provider, selected_descriptor);
+ url = lasso_provider_get_metadata_one_for_role(provider,
+ LASSO_PROVIDER_ROLE_SP,
+ selected_descriptor);
}
lasso_release_list_of_strings(descriptors);