Internet2 / Shibboleth-Multi-Context-Broker

Shibboleth Multi-context Broker

Direct access to login servlet #15

Open yavory opened 9 years ago

yavory commented 9 years ago

I'm using version 1.2.1 of the MCB, and if somebody directly accesses the login servlet, MCBLoginServlet.java, it raises an exception and code 500 is returned by Apache httpd. In the IdP without MCB it is possible to check for direct access and return a proper message without returning a 500 status:

```jsp
<%
StorageService storageService = HttpServletHelper.getStorageService(application);
LoginContext loginContext = HttpServletHelper.getLoginContext(storageService, application, request);
if (loginContext == null) {
%>
```

To fix this issue I added a "try" block, at line 130, in the "service" method of the MCBLoginServlet class, and that solved the problem.

```java
try {
    application = this.getServletContext();
    loginContext = (LoginContext)HttpServletHelper.getLoginContext(HttpServletHelper.getStorageService(application), application, request);
    entityDescriptor = HttpServletHelper.getRelyingPartyMetadata(loginContext.getRelyingPartyId(), HttpServletHelper.getRelyingPartyConfigurationManager(application));
    entityID = entityDescriptor.getEntityID();
    log.debug("Relying party = [{}]", entityID);
} catch (Exception e) {
    log.error("Can't find entityID of the SP");
}
```

Is the original behavior intentional or is it an overlooked error?

paulhethmon commented 9 years ago

Added code to detect the bookmark access. If this occurs the new behavior will be to return the error:

urn:oasis:names:tc:SAML:2.0:status:RequestUnsupported The SAML responder or SAML authority does not support the request.

By sending this value to the Shib authentication engine.

paulhethmon commented 9 years ago

Will be fixed in v1.2.2