diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java index 1214a82..c389ce8 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/session/SingleSignOutHandler.java @@ -123,8 +123,7 @@ public final class SingleSignOutHandler { } catch (final Exception e) { // ignore if the session is already marked as invalid. Nothing we can do! } - sessionMappingStorage.addSessionById( - CommonUtils.safeGetParameter(request, this.artifactParameterName), session); + sessionMappingStorage.addSessionById(token, session); } /** diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractCasProtocolUrlBasedTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractCasProtocolUrlBasedTicketValidator.java index 0852cd6..84d9e67 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractCasProtocolUrlBasedTicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractCasProtocolUrlBasedTicketValidator.java @@ -36,6 +36,10 @@ public abstract class AbstractCasProtocolUrlBasedTicketValidator extends Abstrac super(casServerUrlPrefix); } + protected final void setDisableXmlSchemaValidation(final boolean disable) { + // nothing to do + } + /** * Retrieves the response from the server by opening a connection and merely reading the response. */ diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractUrlBasedTicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractUrlBasedTicketValidator.java index 0921a07..ea6195e 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractUrlBasedTicketValidator.java 
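Review bot: The no-op `setDisableXmlSchemaValidation` added to AbstractCasProtocolUrlBasedTicketValidator has no `@Override`, although the Saml11TicketValidator override in this same commit does, and its parameter is named `disable` where the abstract declaration uses `disabled`. Adding `@Override` lets the compiler catch any later drift between the two signatures. The comment `// nothing to do` should give the reason, for example `// CAS protocol responses are not schema-validated here, so there is nothing to disable`, if that is indeed why. The rest of the class lies outside the hunk, so that reason is inferred rather than visible.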
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/AbstractUrlBasedTicketValidator.java @@ -95,6 +95,14 @@ public abstract class AbstractUrlBasedTicketValidator implements TicketValidator */ protected abstract String getUrlSuffix(); + /** + * Disable XML Schema validation. Note, setting this to true may not be reversable. Defaults to false. Setting it to false + * after setting it to true may not have any affect. + * + * @param disabled whether to disable or not. + */ + protected abstract void setDisableXmlSchemaValidation(boolean disabled); + /** * Constructs the URL to send the validation request to. * diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidationFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidationFilter.java index 8dd3622..d1fb00b 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidationFilter.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidationFilter.java @@ -58,6 +58,7 @@ public final class Saml11TicketValidationFilter extends AbstractTicketValidation validator.setRenew(parseBoolean(getPropertyFromInitParams(filterConfig, "renew", "false"))); validator.setHostnameVerifier(getHostnameVerifier(filterConfig)); validator.setEncoding(getPropertyFromInitParams(filterConfig, "encoding", null)); + validator.setDisableXmlSchemaValidation(parseBoolean(getPropertyFromInitParams(filterConfig, "disableXmlSchemaValidation", "false"))); return validator; } } diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidator.java b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidator.java index 339656c..dca512f 100644 --- a/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidator.java +++ b/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidator.java 
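Review bot: The Javadoc on the new abstract `setDisableXmlSchemaValidation` warns that the setting may not be reversible, but it does not say why or how far the effect reaches. Judging by the Saml11TicketValidator implementation later in this commit, it changes a shared parser pool rather than a single validator. I would add a sentence such as `Implementations may alter parser state shared by all validators in the class loader; responses are then parsed without schema checks.` Declaring the method `abstract` also forces every subclass outside this module to implement it before it compiles, which a concrete no-op in the base class would avoid. The text has two slips as well: `reversable` should be `reversible` and `affect` should be `effect`.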
@@ -58,6 +58,15 @@ public final class Saml11TicketValidator extends AbstractUrlBasedTicketValidator urlParameters.put("TARGET", service); } + @Override + protected void setDisableXmlSchemaValidation(final boolean disabled) { + if (disabled) { + // according to our reading of the SAML 1.1 code, this should disable the schema checking. However, there may be a couple + // of error messages that slip through on start up! + XML.parserPool.setDefaultSchemas(null, null); + } + } + protected Assertion parseResponseFromServer(final String response) throws TicketValidationException { try { final String removeStartOfSoapBody = response.substring(response.indexOf("") + 15);
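Review bot: `XML.parserPool.setDefaultSchemas(null, null)` in the new `setDisableXmlSchemaValidation` goes through what looks like a static field. If so, enabling the option on one Saml11TicketValidator switches schema checking off for every SAML response parsed through that pool, and a later call with `false` does not restore it. The inline comment should state this, e.g. `// parserPool is shared: this disables schema checking for all SAML parsing in this class loader and cannot be undone here`. The `disableXmlSchemaValidation` init-param read in Saml11TicketValidationFilter removes a structural check on server responses, so a warning logged when `disabled` is true would make the weakened configuration visible in startup logs. The existing comment's own doubt ("should disable", "a couple of error messages that slip through") suggests adding a test that pins the behaviour.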