From 1f0174afeacf2ee6f6c126d792675d6abb8aa0a3 Mon Sep 17 00:00:00 2001 From: Virtually Nick Date: Wed, 24 Jun 2020 15:19:10 -0400 Subject: [PATCH] GUACAMOLE-103: Redirect for login if response hash is not present. --- .../auth/saml/AuthenticationProviderService.java | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/AuthenticationProviderService.java b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/AuthenticationProviderService.java index b256e9b70..ddc6dbde5 100644 --- a/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/AuthenticationProviderService.java +++ b/extensions/guacamole-auth-saml/src/main/java/org/apache/guacamole/auth/saml/AuthenticationProviderService.java @@ -115,16 +115,9 @@ public class AuthenticationProviderService { // Look for the SAML Response parameter. String responseHash = request.getParameter("responseHash"); - if (responseHash != null) { + if (responseHash != null && samlResponseMap.hasSamlResponse(responseHash)) { try { - - // Generate the response object - if (!samlResponseMap.hasSamlResponse(responseHash)) { - logger.warn("SAML response was not found."); - logger.debug("SAML response hash {} not found in response map.", responseHash); - throw new GuacamoleServerException("Provided response was not found in response map."); - } SamlResponse samlResponse = samlResponseMap.getSamlResponse(responseHash); @@ -199,7 +192,7 @@ public class AuthenticationProviderService { } } - // No SAML Response is present, so generate a request. + // No SAML Response is present, or hash is not present in map. AuthnRequest samlReq = new AuthnRequest(samlSettings); URI authUri; try {