summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Zorko <robertz@gurucue.com>2015-10-21 13:59:15 +0200
committerRobert Zorko <robertz@gurucue.com>2015-10-21 13:59:15 +0200
commite6db8c7aab74d25a669db857dbbef6a151ee93af (patch)
tree19b63ced916700f5dfe72a833692c990b2f13ade
parent1192ab7b464b614c8c41e7d33f3135370fa83696 (diff)
parenta1e1b8201d0cc8e49b0a57e1978fd45be3a4961d (diff)
Merge branch 'master' of ssh://212.235.189.51:22122/codeq-server
-rw-r--r--saml/saml.js7
1 files changed, 4 insertions, 3 deletions
diff --git a/saml/saml.js b/saml/saml.js
index 3eff569..59b16fc 100644
--- a/saml/saml.js
+++ b/saml/saml.js
@@ -46,7 +46,7 @@ process.on('uncaughtException', function (error) {
// SP (that's us)
//---------------
// our URL where the IdP responds with a login result
-var assertionConsumerServiceURL = 'https://codeq.si/Shibboleth.sso/SAML2/POST', // must be a POST
+var assertionConsumerServiceURL = 'https://codeq.si/saml/assert', // must be a POST
// our issuer ID
SPIssuer = 'https://codeq.si/sp/201509281041',
// our encryption key for signing requests
@@ -490,6 +490,7 @@ http_app.get('/Shibboleth.sso/Login', function (req, res) {
'@ProtocolBinding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'@AssertionConsumerServiceURL': assertionConsumerServiceURL,
'@Destination': SSOServiceURL,
+ '@ForceAuthn': 'true',
'@ID': requestId,
'@IssueInstant': new Date().toISOString(),
'saml:Issuer': {
@@ -608,7 +609,7 @@ http_app.get('/Shibboleth.sso/Logout', function (req, res) {
});
// user logged in, read the credentials
-http_app.post('/Shibboleth.sso/SAML2/POST', function (req, res) {
+http_app.post('/saml/assert', function (req, res) {
var form = req.body,
keys = [],
errors = [],
@@ -733,7 +734,7 @@ http_app.post('/Shibboleth.sso/SAML2/POST', function (req, res) {
});
// user logged out, the GET service
-http_app.get('/Shibboleth.sso/SLO/Redirect', function (req, res) {
+http_app.get('/saml/slo', function (req, res) {
var form = req.query,
delegateToHandler = function (err, buffer, handler) {
if (err) {