Commit 27229684 authored by Clément OUDOT's avatar Clément OUDOT

Force AllowCreate in NameIDPolicy (#1200)

parent 393f99c2
......@@ -342,6 +342,18 @@ sub run {
$self->logger->debug("Message signature will not be checked");
}
# Force AllowCreate to TRUE for transient/persistent NameIDPolicy
if ( $login->request()->NameIDPolicy ) {
my $nif = $login->request()->NameIDPolicy->Format();
if ( $nif eq $self->getNameIDFormat("transient")
or $nif eq $self->getNameIDFormat("persistent") )
{
$self->logger->debug(
"Force AllowCreate flag in NameIDPolicy");
eval { $login->request()->NameIDPolicy()->AllowCreate(1); };
}
}
# Validate request
unless ( $self->validateRequestMsg( $login, 1, 1 ) ) {
$self->logger->error("Unable to validate SSO request message");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment