Merge pull request OpenConext#50 from OpenConext/bugfix/subjectconfir…

…mationdata-invalid-address-attribute Do not send SubjectConfirmationData Address= with URL
RallySoftware · Feb 5, 2019 · 5724078 · 5724078
2 parents 8aa7efe + af1600d
commit 5724078
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 3 deletions.
diff --git a/mujina-common/src/main/java/mujina/saml/SAMLBuilder.java b/mujina-common/src/main/java/mujina/saml/SAMLBuilder.java
@@ -57,7 +57,6 @@ private static Subject buildSubject(String subjectNameId, String subjectNameIdTy
     subjectConfirmationData.setRecipient(recipient);
     subjectConfirmationData.setInResponseTo(inResponseTo);
     subjectConfirmationData.setNotOnOrAfter(new DateTime().plusMinutes(8 * 60));
-    subjectConfirmationData.setAddress(recipient);
 
     subjectConfirmation.setSubjectConfirmationData(subjectConfirmationData);
 

diff --git a/mujina-sp/src/test/resources/saml_response.xml b/mujina-sp/src/test/resources/saml_response.xml
@@ -33,8 +33,7 @@
     <saml2:Subject>
       <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">admin</saml2:NameID>
       <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
-        <saml2:SubjectConfirmationData Address="http://localhost:9090/saml/SSO"
-                                       InResponseTo="a1fef459164dc0ge323e4564ic56g1"
+        <saml2:SubjectConfirmationData InResponseTo="a1fef459164dc0ge323e4564ic56g1"
                                        NotOnOrAfter="2017-03-29T15:45:32.879Z"
                                        Recipient="http://localhost:9090/saml/SSO"/>
       </saml2:SubjectConfirmation>