Commit 09ffea52 authored by michael.simon's avatar michael.simon
Browse files

Don't check AuthenticationRequests destination.

It is not the entityId of the IDP, but the Binding URL called.
parent 0f866851
......@@ -85,11 +85,6 @@ public class Saml2IdpRedirectHandler {
throw new ServletException("SAML Authentication Request ist not complete, issuer data is missing");
if (! idpConfig.getEntityId().equals(authnRequest.getDestination())) {
logger.warn("EntityId from AuthnRequest ({}) does not match SamlIdpConfig EntityId ({}). This is probably some misconfig somewhere.",
authnRequest.getDestination(), idpConfig.getEntityId());
SamlSpMetadataEntity spMetadata = spService.findByEntityId(authnRequest.getIssuer().getValue());
if (spMetadata == null) {
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment