diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
index ec11c9e43..4e6879d0f 100644
--- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
+++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -205,7 +205,8 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
 'xmlns:md': 'urn:oasis:names:tc:SAML:2.0:metadata'
 ) {
 filter.retainedRoles.each {
- markupBuilderDelegate.RetainedRole(it)
+ // TODO: fix
+ markupBuilderDelegate.RetainedRole(it.startsWith('md:') ? it : "md:${it}")
 }
 }
 }
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java
index 0222ba46e..ad407cfb5 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/MetadataResolverConfiguration.java
@@ -5,6 +5,8 @@
 import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository;
 import edu.internet2.tier.shibboleth.admin.ui.service.IndexWriterService;
 import edu.internet2.tier.shibboleth.admin.ui.service.MetadataResolverConverterService;
+import edu.internet2.tier.shibboleth.admin.ui.service.TokenPlaceholderValueResolvingService;
+import edu.internet2.tier.shibboleth.admin.util.TokenPlaceholderResolvers;
 import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
 import net.shibboleth.utilities.java.support.resolver.ResolverException;
 import org.opensaml.saml.metadata.resolver.ChainingMetadataResolver;
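Review bot: In the `filter.retainedRoles.each` closure of JPAMetadataResolverServiceImpl.groovy, the new prefixing only tests for a literal `md:`, so a role stored under any other prefix is not handled: a constructed example such as `other:SPSSODescriptor` would be written out as `md:other:SPSSODescriptor`, and a null entry would throw on `startsWith`. These values appear to select which metadata roles a filter retains, so a malformed name is better rejected than emitted; consider failing on any value that contains `:` but does not start with `md:`. The `// TODO: fix` comment does not say what remains to be fixed; something like `// TODO: persist retainedRoles as md:-qualified names so this prefixing can be removed` would tell the next reader (exact intent to be confirmed by the author). The enclosing method starts outside the hunk.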
@@ -39,7 +41,9 @@ public class MetadataResolverConfiguration { MetadataResolverConverterService metadataResolverConverterService; @Bean - public MetadataResolver metadataResolver() throws ResolverException, ComponentInitializationException { + //This injected dependency makes sure that this bean has been created and the wrapped placeholder resolver service + //is available via static facade accessor method to all the downstream non-Spring managed consumers + public MetadataResolver metadataResolver(TokenPlaceholderResolvers tokenPlaceholderResolvers) throws ResolverException, ComponentInitializationException { ChainingMetadataResolver metadataResolver = new OpenSamlChainingMetadataResolver(); metadataResolver.setId("chain"); diff --git a/backend/src/test/resources/conf/533.xml b/backend/src/test/resources/conf/533.xml index 2120be543..66cc376ef 100644 --- a/backend/src/test/resources/conf/533.xml +++ b/backend/src/test/resources/conf/533.xml @@ -6,7 +6,7 @@ xsi:type="ChainingMetadataProvider" xsi:schemaLocation="urn:mace:shibboleth:2.0:metadata http://shibboleth.net/schema/idp/shibboleth-metadata.xsd urn:mace:shibboleth:2.0:resource http://shibboleth.net/schema/idp/shibboleth-resource.xsd urn:mace:shibboleth:2.0:security http://shibboleth.net/schema/idp/shibboleth-security.xsd urn:oasis:names:tc:SAML:2.0:metadata http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd urn:oasis:names:tc:SAML:2.0:assertion http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd"> - role1 - role2 + md:role1 + md:role2
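Review bot: The `tokenPlaceholderResolvers` parameter added to `metadataResolver` is not used in the visible body and exists only to force bean creation order, which is easy to undo by accident when someone removes an apparently unused parameter. Spring's `@DependsOn` on the `@Bean` method would state the ordering explicitly (the bean name is not visible here and would need to be confirmed); alternatively keep the parameter and move the explanation into a Javadoc block above `@Bean` rather than `//` lines between the annotation and the signature. It would also help to document what the static accessor returns when it is called before this bean exists, since the non-Spring consumers named in the comment have no other guarantee. The method body continues outside the hunk.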