CASC-128

ability to disable SAML 1.1 schema validation
2010-11-16 04:43:08 +00:00 · 2010-11-16 04:43:08 +00:00 · befd53e456
parent 1abdee8399
commit befd53e456
5 changed files with 23 additions and 2 deletions
--- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java
@ -123,8 +123,7 @@ public final class SingleSignOutHandler {
        } catch (final Exception e) {
            // ignore if the session is already marked as invalid.  Nothing we can do!
        }
-        sessionMappingStorage.addSessionById(
-                CommonUtils.safeGetParameter(request, this.artifactParameterName), session);
+        sessionMappingStorage.addSessionById(token, session);
    }
   
    /**
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractCasProtocolUrlBasedTicketValidator.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractCasProtocolUrlBasedTicketValidator.java
@ -36,6 +36,10 @@ public abstract class AbstractCasProtocolUrlBasedTicketValidator extends Abstrac
        super(casServerUrlPrefix);
    }

+    protected final void setDisableXmlSchemaValidation(final boolean disable) {
+        // nothing to do
+    }
+
    /**
     * Retrieves the response from the server by opening a connection and merely reading the response.
     */
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractUrlBasedTicketValidator.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractUrlBasedTicketValidator.java
@ -95,6 +95,14 @@ public abstract class AbstractUrlBasedTicketValidator implements TicketValidator
     */
    protected abstract String getUrlSuffix();

+    /**
+     * Disable XML Schema validation.  Note, setting this to true may not be reversable. Defaults to false. Setting it to false
+     * after setting it to true may not have any affect.
+     *
+     * @param disabled whether to disable or not.
+     */
+    protected abstract void setDisableXmlSchemaValidation(boolean disabled);
+
    /**
     * Constructs the URL to send the validation request to.
     *
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidationFilter.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidationFilter.java
@ -58,6 +58,7 @@ public final class Saml11TicketValidationFilter extends AbstractTicketValidation
        validator.setRenew(parseBoolean(getPropertyFromInitParams(filterConfig, "renew", "false")));
        validator.setHostnameVerifier(getHostnameVerifier(filterConfig));
        validator.setEncoding(getPropertyFromInitParams(filterConfig, "encoding", null));
+        validator.setDisableXmlSchemaValidation(parseBoolean(getPropertyFromInitParams(filterConfig, "disableXmlSchemaValidation", "false")));
        return validator;
    }
 }
--- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidator.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidator.java
@ -58,6 +58,15 @@ public final class Saml11TicketValidator extends AbstractUrlBasedTicketValidator
        urlParameters.put("TARGET", service);
    }

+    @Override
+    protected void setDisableXmlSchemaValidation(final boolean disabled) {
+        if (disabled) {
+            // according to our reading of the SAML 1.1 code, this should disable the schema checking.  However, there may be a couple
+            // of error messages that slip through on start up!
+            XML.parserPool.setDefaultSchemas(null, null);
+        }
+    }
+
    protected Assertion parseResponseFromServer(final String response) throws TicketValidationException {
        try {
        	final String removeStartOfSoapBody = response.substring(response.indexOf("<SOAP-ENV:Body>") + 15);