summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--saml/saml.js7
1 files changed, 4 insertions, 3 deletions
diff --git a/saml/saml.js b/saml/saml.js
index 3eff569..59b16fc 100644
--- a/saml/saml.js
+++ b/saml/saml.js
@@ -46,7 +46,7 @@ process.on('uncaughtException', function (error) {
// SP (that's us)
//---------------
// our URL where the IdP responds with a login result
-var assertionConsumerServiceURL = 'https://codeq.si/Shibboleth.sso/SAML2/POST', // must be a POST
+var assertionConsumerServiceURL = 'https://codeq.si/saml/assert', // must be a POST
// our issuer ID
SPIssuer = 'https://codeq.si/sp/201509281041',
// our encryption key for signing requests
@@ -490,6 +490,7 @@ http_app.get('/Shibboleth.sso/Login', function (req, res) {
'@ProtocolBinding': 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'@AssertionConsumerServiceURL': assertionConsumerServiceURL,
'@Destination': SSOServiceURL,
+ '@ForceAuthn': 'true',
'@ID': requestId,
'@IssueInstant': new Date().toISOString(),
'saml:Issuer': {
@@ -608,7 +609,7 @@ http_app.get('/Shibboleth.sso/Logout', function (req, res) {
});
// user logged in, read the credentials
-http_app.post('/Shibboleth.sso/SAML2/POST', function (req, res) {
+http_app.post('/saml/assert', function (req, res) {
var form = req.body,
keys = [],
errors = [],
@@ -733,7 +734,7 @@ http_app.post('/Shibboleth.sso/SAML2/POST', function (req, res) {
});
// user logged out, the GET service
-http_app.get('/Shibboleth.sso/SLO/Redirect', function (req, res) {
+http_app.get('/saml/slo', function (req, res) {
var form = req.query,
delegateToHandler = function (err, buffer, handler) {
if (err) {