[cxf-fediz] branch master updated: Fixing mistake in previous commit

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[cxf-fediz] branch master updated: Fixing mistake in previous commit

coheigea
Administrator
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git


The following commit(s) were added to refs/heads/master by this push:
     new dea713f  Fixing mistake in previous commit
     new 13a51a8  Merge branch 'master' of github.com:apache/cxf-fediz
dea713f is described below

commit dea713f1dbbacddb826c813b6fd50d6681dcfb45
Author: Colm O hEigeartaigh <[hidden email]>
AuthorDate: Mon Aug 20 12:38:44 2018 +0100

    Fixing mistake in previous commit
---
 .../main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java    | 4 ++--
 .../java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java | 6 ++----
 plugins/core/src/main/resources/schemas/FedizConfig.xsd             | 4 ++--
 3 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java
index de4997e..ba90548 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java
@@ -110,7 +110,7 @@ public class SAMLProtocol extends Protocol {
         return getSAMLProtocol().getIssuerLogoutURL();
     }
 
-    public boolean isCheckClientAddress() {
-        return getSAMLProtocol().isCheckClientAddress();
+    public boolean isDisableClientAddressCheck() {
+        return getSAMLProtocol().isDisableClientAddressCheck();
     }
 }
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
index 00cf00c..7727d9d 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
@@ -329,13 +329,11 @@ public class SAMLProcessorImpl extends AbstractFedizProcessor {
             SAMLSSOResponseValidator ssoResponseValidator = new SAMLSSOResponseValidator();
             String requestURL = request.getRequestURL().toString();
             ssoResponseValidator.setAssertionConsumerURL(requestURL);
-            boolean checkClientAddress = ((SAMLProtocol)config.getProtocol()).isCheckClientAddress();
-            if (checkClientAddress) {
+            boolean disableClientAddressCheck = ((SAMLProtocol)config.getProtocol()).isDisableClientAddressCheck();
+            if (!disableClientAddressCheck) {
                 ssoResponseValidator.setClientAddress(request.getRemoteAddr());
             }
 
-            ssoResponseValidator.setClientAddress(request.getRemoteAddr());
-
             boolean doNotEnforceKnownIssuer =
                 ((SAMLProtocol)config.getProtocol()).isDoNotEnforceKnownIssuer();
             ssoResponseValidator.setEnforceKnownIssuer(!doNotEnforceKnownIssuer);
diff --git a/plugins/core/src/main/resources/schemas/FedizConfig.xsd b/plugins/core/src/main/resources/schemas/FedizConfig.xsd
index 7ffc4d0..fe02f5f 100644
--- a/plugins/core/src/main/resources/schemas/FedizConfig.xsd
+++ b/plugins/core/src/main/resources/schemas/FedizConfig.xsd
@@ -169,7 +169,7 @@
                     <xs:element ref="signRequest" />
                     <xs:element ref="authnRequestBuilder" />
                     <xs:element ref="disableDeflateEncoding" />
-                    <xs:element ref="checkClientAddress" />
+                    <xs:element ref="disableClientAddressCheck" />
                     <xs:element ref="doNotEnforceKnownIssuer" />
                     <xs:element ref="issuerLogoutURL" />
                 </xs:sequence>
@@ -189,7 +189,7 @@
     <xs:element name="disableDeflateEncoding" type="xs:boolean" />
     <xs:element name="doNotEnforceKnownIssuer" type="xs:boolean" />
     <xs:element name="issuerLogoutURL" type="xs:string" />
-    <xs:element name="checkClientAddress" type="xs:boolean" default="true"/>
+    <xs:element name="disableClientAddressCheck" type="xs:boolean"/>
 
     <xs:complexType name="protocolType" abstract="true">
         <xs:sequence>